Zdravím,
prosím o kontrolu a vyčištění PC. Přikládám log z FRST. Taky mám dotaz, jaký máte názor na pravidelné čištění pomocí utility duster z této stránky.?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2020 01
Ran by Petr (administrator) on DESKTOP-VOQ6VC7 (25-01-2020 12:37:20)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\ATISetup.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GRETECH -> GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\GOM64.EXE
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(uTorrent.CZ -> emc) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\uninstall.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\Steam.exe
(win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-07-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [204272 2018-09-25] (INTERNET PROJECT LLC -> )
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [94752 2019-08-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [80800 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Steam] => E:\Hry\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1670472 2019-12-25] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [567296 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-07-15]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {19172F03-E8AC-45A6-9F14-529BDD2C2A82} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A5BEDB3-0D44-4EA6-8244-9EF87E2A665C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {35F31498-CE90-4D36-92AC-2898E4B71325} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {373289A3-C6B8-4D24-94B3-0EDC14C0E8B7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FCBB18B-65F2-4506-A6DF-A3104AD85E13} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2610160 2019-09-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {40B26A91-C44D-485C-9026-255819448102} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {42788869-F934-4813-BE05-2AEDC810B5E5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {42C2E4C3-83F8-4DF9-84C4-29740C4DA4E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2024536 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5625747D-32F6-4672-BE8D-FC2CBBFADBC6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {5ACA658B-A65D-4538-8F89-32EBF23CF9A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {63AF9127-393A-4387-AB42-71F25579E0B0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
Task: {6506FD7D-82F5-4836-8F23-8FD467326DB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72820DFE-4BBF-4F45-AF1F-498A6A626585} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {7E86D660-70D6-4D7C-8008-A10A8DB62E0A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {7F0B35FC-4F34-4E43-B389-650BB8E14B23} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B9F26416-F0B3-41F5-BB7F-F8CA81842BE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C2E9DE95-C37F-44D4-ABCD-AE92BFA8E175} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C356B165-EB2B-4135-B995-D1738D1B4037} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CE2D92E4-08F5-46DA-A58F-989FE8EE7583} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3CC5ECF-00CC-4634-8E4C-4775B9ABB0B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {E2096B07-F85C-42BD-ACA7-C844999DF810} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE9683E1-E95A-4922-A343-D2EBCD38F826} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [NameServer] 1.1.1.1,8.8.4.4
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [DhcpNameServer] 8.8.8.8 1.1.1.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-01-25]
CHR Notifications: Default -> hxxps://webchat.freenode.net
CHR DefaultSearchURL: Default -> hxxps://github.com/Steffo99/chakra-magic
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-15]
CHR Extension: (BetterTTV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-01-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-15]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-15]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-15]
CHR Extension: (GeoGebra Klasik) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2020-01-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-05]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-12-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-15]
CHR Extension: (I don't care about cookies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2019-12-25]
CHR Extension: (AudioPick) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhcppdamigjkficnjnhmnljljhagaha [2019-07-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Grammarly for Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-01-22]
CHR Extension: (Chakra Magic) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldamnagiplkkoeolomjiigkfaobbecbo [2019-10-04]
CHR Extension: (Udělej printscreen celé webové stránky - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-11-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0350652.inf_amd64_4885c98c29047623\B350656\atiesrxx.exe [524720 2020-01-09] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 DAUpdaterSvc; E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-07-12] (BioWare -> BioWare)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-09-25] (INTERNET PROJECT LLC -> Freemake)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2019-11-21] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0350652.inf_amd64_4885c98c29047623\B350656\atikmdag.sys [65749192 2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0350652.inf_amd64_4885c98c29047623\B350656\atikmpag.sys [592288 2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103664 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_0d0901f66b76dc48\e1d68x64.sys [598112 2019-07-15] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-11-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-16] (ESET, spol. s r.o. -> ESET)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2019-07-15] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [27688 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [47144 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157752 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [83512 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [121384 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71320 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorE; C:\WINDOWS\System32\drivers\iaStorE.sys [1056096 2019-07-15] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\WINDOWS\System32\drivers\iaStorF.sys [40288 2019-07-15] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-10-05] (Logitech -> Logitech Inc.)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys [253840 2019-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 mticache; C:\WINDOWS\System32\Drivers\mticache.sys [61512 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 rdacpi; C:\WINDOWS\System32\drivers\rdacpi.sys [41784 2019-07-15] (EA Excelsior Hang Tong Computer Technology Limited -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 SAlphamBth; C:\WINDOWS\System32\drivers\SAlphabt64.sys [31232 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2019-07-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53912 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [54928 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2019-02-01] (STMicroelectronics -> STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 XENfiltv; C:\WINDOWS\system32\drivers\XENfiltv.sys [25600 2019-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S3 VBAudioVMAUXVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmauxvaio64_win10.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-25 12:37 - 2020-01-25 12:37 - 000037250 _____ C:\Users\Petr\Desktop\FRST.txt
2020-01-25 12:36 - 2020-01-25 12:37 - 000000000 ____D C:\FRST
2020-01-25 12:35 - 2020-01-25 12:35 - 002580480 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-01-25 12:24 - 2020-01-25 12:24 - 000002633 _____ C:\Users\Public\Desktop\Battle Painters.lnk
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saito Games
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\Program Files (x86)\Saito Games
2020-01-17 12:26 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000002156 _____ C:\Users\Petr\Desktop\WeMod.lnk
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Local\WeMod
2020-01-17 09:47 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ControlCenter4
2020-01-16 20:16 - 2020-01-16 20:16 - 000000000 ____D C:\Users\Petr\AppData\Local\NMS_MCDAMM
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Nuance
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Brother
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\ProgramData\Nuance
2020-01-16 13:35 - 2020-01-17 09:47 - 000000000 ____D C:\ProgramData\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:45 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-01-16 13:35 - 2020-01-16 13:43 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2020-01-16 13:30 - 2020-01-16 13:40 - 000000000 ____D C:\Program Files (x86)\Brother
2020-01-16 13:21 - 2020-01-16 13:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-01-15 22:47 - 2020-01-15 22:47 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 22:44 - 2020-01-15 22:44 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 22:44 - 2020-01-15 22:44 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:23 - 2020-01-15 00:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-01-15 00:23 - 2020-01-15 00:23 - 000000000 ____D C:\Program Files (x86)\AMD
2020-01-15 00:12 - 2020-01-09 18:35 - 001073296 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-15 00:12 - 2020-01-09 18:35 - 001073296 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-15 00:12 - 2020-01-09 18:35 - 000929888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-15 00:12 - 2020-01-09 18:35 - 000929888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-15 00:12 - 2020-01-09 18:35 - 000852168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-15 00:12 - 2020-01-09 18:35 - 000852168 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-15 00:12 - 2020-01-09 18:35 - 000710040 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-15 00:12 - 2020-01-09 18:35 - 000710040 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-15 00:12 - 2020-01-09 18:35 - 000020384 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-01-15 00:12 - 2020-01-09 18:34 - 001243544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-01-15 00:12 - 2020-01-09 18:34 - 000135584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-15 00:12 - 2020-01-09 18:34 - 000121760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-15 00:06 - 2020-01-15 00:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\HelloGames
2020-01-15 00:03 - 2020-01-15 00:03 - 000000881 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-01-15 00:03 - 2020-01-15 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Man's Sky [GOG.com]
2020-01-05 15:48 - 2020-01-05 18:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2020-01-05 15:48 - 2020-01-05 15:48 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Users\Petr\AppData\Local\TeamSpeak 3
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-12-30 13:44 - 2020-01-19 10:38 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-12-30 13:30 - 2019-12-30 13:30 - 000000773 _____ C:\Users\Public\Desktop\BioShock 2 Remastered.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000001413 _____ C:\Users\Petr\Desktop\The Beginner's Guide.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\Users\Petr\AppData\Roaming\The Beginner's Guide
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2019-12-28 17:21 - 2019-12-28 17:21 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2019-12-28 16:25 - 2019-12-28 16:25 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\David OReilly
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything [GOG.com]
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\GOG.com
2019-12-26 22:08 - 2019-12-26 22:08 - 000000000 ____D C:\WINDOWS\Panther
2019-12-26 20:54 - 2019-12-26 20:54 - 000000000 ____D C:\Users\Petr\AppData\Local\Electronic Arts
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-25 12:36 - 2019-07-02 18:20 - 000000000 ____D C:\AMD
2020-01-25 12:32 - 2019-07-15 16:33 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-01-25 12:22 - 2019-07-15 16:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-25 10:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-25 10:17 - 2019-07-15 17:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-25 09:38 - 2019-12-19 12:12 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-01-25 09:38 - 2019-09-26 12:34 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-01-24 22:24 - 2019-07-15 16:29 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-01-21 20:42 - 2019-07-15 16:32 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:42 - 2019-07-15 16:32 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 13:34 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-20 13:27 - 2019-07-15 17:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2020-01-20 12:46 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Discord
2020-01-20 00:49 - 2019-07-15 16:21 - 000000000 ____D C:\Users\Petr
2020-01-19 10:26 - 2019-07-15 17:15 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-19 10:24 - 2019-07-15 17:06 - 000893016 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-19 10:24 - 2019-07-15 17:06 - 000199390 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-19 10:24 - 2019-07-15 16:30 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-19 10:17 - 2019-07-15 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 23:58 - 2019-07-15 17:05 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-17 12:44 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-17 12:41 - 2019-10-24 11:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-01-17 12:26 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2020-01-17 12:20 - 2019-12-23 20:13 - 000000000 ____D C:\Program Files\Cheat Engine 7.0
2020-01-16 20:12 - 2019-11-10 15:50 - 000000000 ____D C:\Users\Petr\AppData\Local\ModOrganizer
2020-01-16 13:45 - 2019-07-15 16:16 - 000000000 ____D C:\ProgramData\Brother
2020-01-16 13:39 - 2019-08-13 17:05 - 000000000 ___RD C:\Users\Petr\AppData\Roaming\Brother
2020-01-16 13:35 - 2019-07-15 16:37 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-16 13:30 - 2019-07-15 17:04 - 000000000 ____D C:\WINDOWS\INF
2020-01-16 10:28 - 2019-07-15 16:14 - 000439864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 23:17 - 2019-07-15 17:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-15 23:17 - 2019-07-15 16:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-15 22:52 - 2019-07-15 16:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 22:49 - 2019-07-15 17:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 22:49 - 2019-07-15 16:36 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-15 22:32 - 2019-11-09 15:47 - 000000000 ____D C:\Intel
2020-01-15 16:27 - 2019-07-15 17:39 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2020-01-15 14:16 - 2019-07-15 16:48 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-01-15 00:23 - 2019-07-15 16:15 - 000000000 ____D C:\Program Files\AMD
2020-01-13 16:21 - 2019-07-15 17:05 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-12 10:35 - 2019-08-26 11:52 - 000000000 ____D C:\Program Files\Warcraft III
2020-01-12 10:35 - 2019-07-27 20:08 - 000000000 ____D C:\Users\Petr\AppData\Local\Blizzard
2020-01-11 12:53 - 2019-09-05 16:53 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-01-09 18:35 - 2019-12-19 12:10 - 001594056 _____ (AMD) C:\WINDOWS\system32\coinst_19.50.dll
2020-01-09 18:35 - 2019-12-19 12:10 - 000020616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000761240 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-01-09 18:35 - 2018-12-05 18:48 - 000574880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000493768 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-01-09 18:35 - 2018-12-05 18:48 - 000491720 _____ C:\WINDOWS\system32\GameManager64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000485784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000451992 _____ C:\WINDOWS\system32\atieah64.exe
2020-01-09 18:35 - 2018-12-05 18:48 - 000374472 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000344776 _____ C:\WINDOWS\system32\clinfo.exe
2020-01-09 18:35 - 2018-12-05 18:48 - 000242080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000209312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000184520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000163224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000159432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000153504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000138648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000136608 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000136600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000047304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-01-09 18:35 - 2018-12-05 18:48 - 000044448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-01-09 18:34 - 2019-12-19 12:10 - 062867864 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-01-09 18:34 - 2019-12-19 12:10 - 052403400 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-01-09 18:34 - 2019-07-04 07:55 - 000197384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-01-09 18:34 - 2019-07-04 07:55 - 000166984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 004564168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 004076960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 001730760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 001243544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000941768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000769224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000554184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000484552 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000469192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000384200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000373960 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000346008 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-01-09 18:34 - 2018-12-05 18:48 - 000179056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000158200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000124824 _____ C:\WINDOWS\system32\atidxx64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000121248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000107440 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000106184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-01-09 18:34 - 2018-12-05 18:48 - 000071072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000546528 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000134928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000128728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000128728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000119848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000108064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-01-09 18:33 - 2018-12-05 18:48 - 000107832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-01-09 15:37 - 2018-12-05 18:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-01-09 15:37 - 2018-12-05 18:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-01-09 15:28 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-01-09 15:28 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-01-06 23:02 - 2019-09-05 16:53 - 000002176 _____ C:\Users\Petr\Desktop\DotaPlus.lnk
2020-01-06 12:16 - 2019-09-05 16:52 - 000000000 ____D C:\Users\Petr\AppData\Local\Overwolf
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\Documents\BioshockHD
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\BioshockHD
2019-12-26 22:34 - 2019-10-07 22:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\jupyter
2019-12-26 20:55 - 2019-11-21 02:59 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2019-12-26 20:55 - 2019-11-20 18:37 - 000348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2019-12-26 20:55 - 2019-11-20 18:37 - 000280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2019-12-26 20:55 - 2019-11-20 14:52 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Origin
2019-12-26 20:54 - 2019-11-20 14:56 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-12-26 20:54 - 2019-11-20 14:55 - 000000000 ____D C:\Program Files (x86)\Origin
2019-12-26 20:54 - 2019-11-20 14:52 - 000000000 ____D C:\Users\Petr\AppData\Local\Origin
2019-12-26 20:54 - 2019-11-20 14:52 - 000000000 ____D C:\ProgramData\Origin
==================== Files in the root of some directories ========
2019-07-21 19:16 - 2019-07-21 19:16 - 000034135 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-21 17:48 - 2019-07-21 19:03 - 000004652 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterDefault.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu a vyčištění PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu a vyčištění PC
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2020 01
Ran by Petr (25-01-2020 12:38:25)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-15 15:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1247212818-2744187641-637679726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1247212818-2744187641-637679726-503 - Limited - Disabled)
Guest (S-1-5-21-1247212818-2744187641-637679726-501 - Limited - Disabled)
Petr (S-1-5-21-1247212818-2744187641-637679726-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1247212818-2744187641-637679726-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Plague Tale: Innocence (HKLM-x32\...\A Plague Tale: Innocence_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.1 - Advanced Micro Devices, Inc.)
Anaconda3 2019.07 (Python 3.7.3 64-bit) (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Anaconda3 2019.07 (Python 3.7.3 64-bit)) (Version: 2019.07 - Anaconda, Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle Painters (HKLM-x32\...\{A58E2FFC-18B9-4EFB-9925-4E2429C47005}) (Version: 2.1.0 - Saito Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.52.0 - Bethesda Softworks)
BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - )
BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version: - Rimsky)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Crucial Storage Executive (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Crucial Storage Executive 3.65.012019.06) (Version: 5.05.082019.02 - Crucial)
Discord (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Doomsday 2.2.0.3261 (HKLM\...\{DCF62B7B-29EB-4341-BEA4-3975CD08FF06}) (Version: 2.2.0.3261 - dengine.net)
DotaPlus (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Overwolf_kpaejaacomnkenpbmclnglmblpmfiapjlebhpcom) (Version: 3.7.88 - Overwolf app)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Everything (HKLM-x32\...\1549149082_is1) (Version: 1.06.01 - GOG.com)
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
FortiClient (HKLM\...\{6C0A3C5E-7725-49D8-A016-B3ADCACF61C2}) (Version: 6.0.9.0277 - Fortinet Technologies Inc)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
GitHub Desktop (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\GitHubDesktop) (Version: 2.2.2 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.21.0 - GOM & Company)
GOM Player Plus (HKLM-x32\...\GOM Player Plus) (Version: 2.3.41.5303 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
IntelliJ IDEA 2019.1.3 (HKLM-x32\...\IntelliJ IDEA 2019.1.3) (Version: 191.7479.19 - JetBrains s.r.o.)
iTunes (HKLM\...\{281A8A05-80EB-4B93-B825-C9FBEE17CE85}) (Version: 12.9.6.3 - Apple Inc.)
Java(TM) SE Development Kit 11.0.4 (64-bit) (HKLM\...\{D3E31A1B-9D08-58C9-A7CF-7A78FDF3AA08}) (Version: 11.0.4.0 - Oracle Corporation)
Java(TM) SE Development Kit 12.0.2 (64-bit) (HKLM\...\{3FA68A00-9C88-5E69-870A-B40CB89DC2EF}) (Version: 12.0.2.0 - Oracle Corporation)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Project Standard 2019 - cs-cz (HKLM\...\ProjectStd2019Retail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Project Standard 2019 - en-us (HKLM\...\ProjectStd2019Retail - en-us) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\7181b9498a4ee6aa) (Version: 16.0.3054.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NetLimiter 4 (HKLM\...\{62DE00AD-5121-4FA9-885D-18FEECC61AE0}) (Version: 4.0.45.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.45.0) (Version: 4.0.45.0 - Locktime Software)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.24_Synthesis_55356 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.140.0.33 - Overwolf Ltd.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8750.1 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SD_Java~v7 CloneDR (HKLM-x32\...\{BDB78B86-D365-47A6-9A43-2DECD04A6B28}) (Version: 2.2.12 - Semantic Designs, Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
The Beginner's Guide (HKLM-x32\...\The Beginner's Guide_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
The Elder Scrolls V Skyrim Special Edition version 1.5.80 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.5.80 - Bethesda Softworks)
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\WeMod) (Version: 6.2.16 - WeMod)
WhySoSlow 1.51 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\GeoGebra Klasik.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bnbaboaihhkjoaolfnfoablhllahjnee
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\Anaconda\Scripts\activate.bat E:\Anaconda
==================== Loaded Modules (Whitelisted) =============
2019-07-18 10:22 - 2019-07-18 10:22 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-08 16:32 - 2014-06-28 16:40 - 004375040 _____ () [File not signed] C:\Program Files\ffdshow\ffdshow.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 002421760 _____ () [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\libass64.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 000120832 _____ () [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\SandollFontApi64.dll
2020-01-09 09:33 - 2020-01-09 09:33 - 001518592 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2019-09-30 02:53 - 2019-09-30 02:53 - 003084288 _____ (Apache Software Foundation) [File not signed] C:\Program Files\AMD\CNext\CNext\xerces-c_2_6.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000309760 _____ (easyhook.codeplex.com) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\EasyHook64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 014284326 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avcodec-gp64-57.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 004118659 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avformat-gp64-57.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 001238384 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avutil-gp64-55.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000492052 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\swresample-gp64-2.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000959929 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\swscale-gp64-4.dll
2019-11-12 17:23 - 2019-11-12 17:23 - 001165842 _____ (Fortinet Inc.) [File not signed] C:\Program Files\Fortinet\FortiClient\utilsdll.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 000213504 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\CrashDumpCollector64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000138240 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\GifMaker64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 004465152 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\Subtitle64.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 001397760 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\gaf64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 002692608 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\grfu64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 004428800 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\gvf64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 004830720 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\MediaSource64.ax
2019-11-09 16:20 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000058368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2020-01-09 09:43 - 2020-01-09 09:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-01-09 09:43 - 2020-01-09 09:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\sharepoint.com -> hxxps://365osu-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-15 17:05 - 2020-01-25 12:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\SemanticDesigns\DMS\Executables;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A1045F96-6FB6-4CE9-8A53-5ACA31413A8C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{A0B1CC68-8D3F-4727-8BD8-0088D1E9CCD4}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C83B792D-C42B-4CF4-9B14-EB32DF57C4F0}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{44CF06A5-4311-4F22-8152-8ED0EDC15B57}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{29AC2856-A4BC-46DF-9ABF-25D34257FA5F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{E461D2DF-C78E-4F69-9C02-C5F2127F169D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{6DF75371-459F-4081-B1B2-8A29D9BE8D9B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{D22040A8-FE76-420A-AB84-9E1E967A5437}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{77B78CFC-A633-4A4A-A6E2-E85BA2F772A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26133B35-7E75-4196-9E3E-45E3FFC27C6F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6C4951-C8B2-428C-BB8A-17E01D3FC7C9}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{22A33D65-42E7-4CF2-B729-3F19EC78E7CF}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{56A40762-7D92-4E30-9FC4-4493F562F4B7}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{3DE8040E-DD05-4F62-A4D7-F15A2FB6435C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{E9820D00-E11E-499A-8E65-38ADA26EED3A}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{74BCB38E-D3B7-46F5-942A-00E02A22807C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{39A572BF-1D6D-4448-AE39-B7F32D6D22E0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AB5CB961-1D24-4401-BDD7-593AEBC9EA85}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{92159109-B638-470C-AAD5-F9F4440E00D2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9E8D23D-7428-461C-9FD6-0EAD82554E0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE63610-A770-487F-977C-F313262C9494}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F56AE2C6-8EBA-4D66-AA97-08EF4C520A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AA25613-6C73-4917-9834-B81262F89A27}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8318ABAE-B231-486E-B450-889571EFD0AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{36122839-781F-401B-A05B-6CCA313C7794}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E60C2FB3-DA19-40D1-AC69-C3CB08BF5859}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{302B7461-1944-4F2E-A702-ADE34FB6D8E8}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{0AFFFDE5-FF82-43E1-BA61-941102D8F0F1}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{FC421253-A4A5-4A0B-BF03-E54B5E96F91A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99107CBC-60A3-4D7E-8FC9-45CAB99E35CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA2C957E-E880-4EA4-A791-8C36D4FAFB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{8AC5057C-FF55-4CBD-820B-1DDD8FEE3ACF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CCBF09EB-92F3-466E-BB17-B1226D5BA7F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5AB6D97A-C3C5-4F76-A9BA-D90448C382F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9500D564-9562-450F-87C1-05055BFFB75B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4F66DFC7-ABE0-484E-811F-5791B30B8A8C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{98DB2D4C-DCCC-4C5B-9039-BF6530598D8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{7F9AB3FE-EDD0-4630-9100-E1D1AE8D99DA}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{378C6D38-6296-4073-B843-6A19DEE88187}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{BEE36F21-3A05-423D-9AA8-28DB2C8D09D5}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{322601C2-66FD-4861-BEE9-E31F216D33BC}] => (Allow) LPort=54950
FirewallRules: [{A0DAE8D8-FD39-41EA-BF42-1321E5632263}] => (Allow) LPort=54955
FirewallRules: [{6D8D941D-BB5E-4A19-847B-A463F45435B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
24-01-2020 10:02:43 Naplánovaný kontrolní bod
25-01-2020 12:24:18 Installed Battle Painters
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/25/2020 12:30:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2976,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 10:22:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13412,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 09:48:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 09:38:55 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 28136; požadovaná velikost: 33224.
Error: (01/24/2020 09:54:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15164,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/24/2020 10:08:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15992,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/24/2020 10:02:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/23/2020 10:12:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14900,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/24/2020 09:52:00 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/22/2020 09:36:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/22/2020 09:36:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (01/21/2020 10:11:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/21/2020 12:12:14 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/20/2020 04:47:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (01/19/2020 10:18:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/19/2020 10:18:24 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. Požadavek není podporován.
CodeIntegrity:
===================================
Date: 2020-01-25 12:38:43.574
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:43.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:15.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:15.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.894
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.664
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.663
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0904 09/14/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B360-PLUS GAMING
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 69%
Total physical RAM: 16302.67 MB
Available physical RAM: 5049.83 MB
Total Virtual: 28164.26 MB
Available Virtual: 12325.95 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:195.23 GB) (Free:82.83 GB) NTFS
Drive d: (Data HDD) (Fixed) (Total:732.42 GB) (Free:374.02 GB) NTFS
Drive e: (Data SSD) (Fixed) (Total:643.03 GB) (Free:203.12 GB) NTFS
Drive f: (Programy) (Fixed) (Total:199.09 GB) (Free:37.78 GB) NTFS
Drive g: (Old SSD) (Fixed) (Total:111.19 GB) (Free:34.36 GB) NTFS
\\?\Volume{fff756d2-1de5-4165-9669-528f822265be}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{91f2d278-d25d-49f6-8542-5823122e3ff3}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{2579efb3-ac67-4b50-aa9e-9229e7320667}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5D2C5193)
Partition: GPT.
==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: E5572F99)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Petr (25-01-2020 12:38:25)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-15 15:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1247212818-2744187641-637679726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1247212818-2744187641-637679726-503 - Limited - Disabled)
Guest (S-1-5-21-1247212818-2744187641-637679726-501 - Limited - Disabled)
Petr (S-1-5-21-1247212818-2744187641-637679726-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1247212818-2744187641-637679726-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Plague Tale: Innocence (HKLM-x32\...\A Plague Tale: Innocence_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.1 - Advanced Micro Devices, Inc.)
Anaconda3 2019.07 (Python 3.7.3 64-bit) (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Anaconda3 2019.07 (Python 3.7.3 64-bit)) (Version: 2019.07 - Anaconda, Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle Painters (HKLM-x32\...\{A58E2FFC-18B9-4EFB-9925-4E2429C47005}) (Version: 2.1.0 - Saito Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.52.0 - Bethesda Softworks)
BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - )
BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version: - Rimsky)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Crucial Storage Executive (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Crucial Storage Executive 3.65.012019.06) (Version: 5.05.082019.02 - Crucial)
Discord (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Doomsday 2.2.0.3261 (HKLM\...\{DCF62B7B-29EB-4341-BEA4-3975CD08FF06}) (Version: 2.2.0.3261 - dengine.net)
DotaPlus (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Overwolf_kpaejaacomnkenpbmclnglmblpmfiapjlebhpcom) (Version: 3.7.88 - Overwolf app)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Everything (HKLM-x32\...\1549149082_is1) (Version: 1.06.01 - GOG.com)
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
FortiClient (HKLM\...\{6C0A3C5E-7725-49D8-A016-B3ADCACF61C2}) (Version: 6.0.9.0277 - Fortinet Technologies Inc)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
GitHub Desktop (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\GitHubDesktop) (Version: 2.2.2 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.21.0 - GOM & Company)
GOM Player Plus (HKLM-x32\...\GOM Player Plus) (Version: 2.3.41.5303 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
IntelliJ IDEA 2019.1.3 (HKLM-x32\...\IntelliJ IDEA 2019.1.3) (Version: 191.7479.19 - JetBrains s.r.o.)
iTunes (HKLM\...\{281A8A05-80EB-4B93-B825-C9FBEE17CE85}) (Version: 12.9.6.3 - Apple Inc.)
Java(TM) SE Development Kit 11.0.4 (64-bit) (HKLM\...\{D3E31A1B-9D08-58C9-A7CF-7A78FDF3AA08}) (Version: 11.0.4.0 - Oracle Corporation)
Java(TM) SE Development Kit 12.0.2 (64-bit) (HKLM\...\{3FA68A00-9C88-5E69-870A-B40CB89DC2EF}) (Version: 12.0.2.0 - Oracle Corporation)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Project Standard 2019 - cs-cz (HKLM\...\ProjectStd2019Retail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Project Standard 2019 - en-us (HKLM\...\ProjectStd2019Retail - en-us) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\7181b9498a4ee6aa) (Version: 16.0.3054.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NetLimiter 4 (HKLM\...\{62DE00AD-5121-4FA9-885D-18FEECC61AE0}) (Version: 4.0.45.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.45.0) (Version: 4.0.45.0 - Locktime Software)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.24_Synthesis_55356 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.140.0.33 - Overwolf Ltd.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8750.1 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SD_Java~v7 CloneDR (HKLM-x32\...\{BDB78B86-D365-47A6-9A43-2DECD04A6B28}) (Version: 2.2.12 - Semantic Designs, Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
The Beginner's Guide (HKLM-x32\...\The Beginner's Guide_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
The Elder Scrolls V Skyrim Special Edition version 1.5.80 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.5.80 - Bethesda Softworks)
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\WeMod) (Version: 6.2.16 - WeMod)
WhySoSlow 1.51 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\GeoGebra Klasik.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bnbaboaihhkjoaolfnfoablhllahjnee
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\Anaconda\Scripts\activate.bat E:\Anaconda
==================== Loaded Modules (Whitelisted) =============
2019-07-18 10:22 - 2019-07-18 10:22 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-08 16:32 - 2014-06-28 16:40 - 004375040 _____ () [File not signed] C:\Program Files\ffdshow\ffdshow.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 002421760 _____ () [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\libass64.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 000120832 _____ () [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\SandollFontApi64.dll
2020-01-09 09:33 - 2020-01-09 09:33 - 001518592 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2019-09-30 02:53 - 2019-09-30 02:53 - 003084288 _____ (Apache Software Foundation) [File not signed] C:\Program Files\AMD\CNext\CNext\xerces-c_2_6.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000309760 _____ (easyhook.codeplex.com) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\EasyHook64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 014284326 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avcodec-gp64-57.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 004118659 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avformat-gp64-57.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 001238384 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\avutil-gp64-55.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000492052 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\swresample-gp64-2.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000959929 _____ (FFmpeg Project) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\swscale-gp64-4.dll
2019-11-12 17:23 - 2019-11-12 17:23 - 001165842 _____ (Fortinet Inc.) [File not signed] C:\Program Files\Fortinet\FortiClient\utilsdll.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 000213504 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\CrashDumpCollector64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 000138240 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\GifMaker64.dll
2019-05-21 01:34 - 2019-05-21 01:34 - 004465152 _____ (GOM & Company) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\Subtitle64.dll
2019-05-21 01:33 - 2019-05-21 01:33 - 001397760 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\gaf64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 002692608 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\grfu64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 004428800 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\gvf64.ax
2019-05-21 01:33 - 2019-05-21 01:33 - 004830720 _____ (GOM & Company.) [File not signed] C:\Program Files\GRETECH\GOMPlayerPlus\modules\MediaSource64.ax
2019-11-09 16:20 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000058368 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2020-01-09 09:43 - 2020-01-09 09:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 10:22 - 2019-07-18 10:22 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-01-09 09:43 - 2020-01-09 09:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\sharepoint.com -> hxxps://365osu-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-15 17:05 - 2020-01-25 12:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\SemanticDesigns\DMS\Executables;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A1045F96-6FB6-4CE9-8A53-5ACA31413A8C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{A0B1CC68-8D3F-4727-8BD8-0088D1E9CCD4}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C83B792D-C42B-4CF4-9B14-EB32DF57C4F0}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{44CF06A5-4311-4F22-8152-8ED0EDC15B57}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{29AC2856-A4BC-46DF-9ABF-25D34257FA5F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{E461D2DF-C78E-4F69-9C02-C5F2127F169D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{6DF75371-459F-4081-B1B2-8A29D9BE8D9B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{D22040A8-FE76-420A-AB84-9E1E967A5437}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{77B78CFC-A633-4A4A-A6E2-E85BA2F772A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26133B35-7E75-4196-9E3E-45E3FFC27C6F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6C4951-C8B2-428C-BB8A-17E01D3FC7C9}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{22A33D65-42E7-4CF2-B729-3F19EC78E7CF}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{56A40762-7D92-4E30-9FC4-4493F562F4B7}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{3DE8040E-DD05-4F62-A4D7-F15A2FB6435C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{E9820D00-E11E-499A-8E65-38ADA26EED3A}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{74BCB38E-D3B7-46F5-942A-00E02A22807C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{39A572BF-1D6D-4448-AE39-B7F32D6D22E0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AB5CB961-1D24-4401-BDD7-593AEBC9EA85}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{92159109-B638-470C-AAD5-F9F4440E00D2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9E8D23D-7428-461C-9FD6-0EAD82554E0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE63610-A770-487F-977C-F313262C9494}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F56AE2C6-8EBA-4D66-AA97-08EF4C520A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AA25613-6C73-4917-9834-B81262F89A27}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8318ABAE-B231-486E-B450-889571EFD0AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{36122839-781F-401B-A05B-6CCA313C7794}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E60C2FB3-DA19-40D1-AC69-C3CB08BF5859}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{302B7461-1944-4F2E-A702-ADE34FB6D8E8}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{0AFFFDE5-FF82-43E1-BA61-941102D8F0F1}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{FC421253-A4A5-4A0B-BF03-E54B5E96F91A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99107CBC-60A3-4D7E-8FC9-45CAB99E35CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA2C957E-E880-4EA4-A791-8C36D4FAFB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{8AC5057C-FF55-4CBD-820B-1DDD8FEE3ACF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CCBF09EB-92F3-466E-BB17-B1226D5BA7F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5AB6D97A-C3C5-4F76-A9BA-D90448C382F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9500D564-9562-450F-87C1-05055BFFB75B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4F66DFC7-ABE0-484E-811F-5791B30B8A8C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{98DB2D4C-DCCC-4C5B-9039-BF6530598D8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{7F9AB3FE-EDD0-4630-9100-E1D1AE8D99DA}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{378C6D38-6296-4073-B843-6A19DEE88187}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{BEE36F21-3A05-423D-9AA8-28DB2C8D09D5}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{322601C2-66FD-4861-BEE9-E31F216D33BC}] => (Allow) LPort=54950
FirewallRules: [{A0DAE8D8-FD39-41EA-BF42-1321E5632263}] => (Allow) LPort=54955
FirewallRules: [{6D8D941D-BB5E-4A19-847B-A463F45435B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
24-01-2020 10:02:43 Naplánovaný kontrolní bod
25-01-2020 12:24:18 Installed Battle Painters
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: HID-compliant headset
Description: HID-compliant headset
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/25/2020 12:30:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2976,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 10:22:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13412,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 09:48:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/25/2020 09:38:55 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 28136; požadovaná velikost: 33224.
Error: (01/24/2020 09:54:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15164,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/24/2020 10:08:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15992,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/24/2020 10:02:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/23/2020 10:12:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14900,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/24/2020 09:52:00 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/22/2020 09:36:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/22/2020 09:36:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (01/21/2020 10:11:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/21/2020 12:12:14 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (01/20/2020 04:47:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (01/19/2020 10:18:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/19/2020 10:18:24 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. Požadavek není podporován.
CodeIntegrity:
===================================
Date: 2020-01-25 12:38:43.574
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:43.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:15.787
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:15.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.894
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.893
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.664
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-25 12:38:08.663
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0904 09/14/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B360-PLUS GAMING
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 69%
Total physical RAM: 16302.67 MB
Available physical RAM: 5049.83 MB
Total Virtual: 28164.26 MB
Available Virtual: 12325.95 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:195.23 GB) (Free:82.83 GB) NTFS
Drive d: (Data HDD) (Fixed) (Total:732.42 GB) (Free:374.02 GB) NTFS
Drive e: (Data SSD) (Fixed) (Total:643.03 GB) (Free:203.12 GB) NTFS
Drive f: (Programy) (Fixed) (Total:199.09 GB) (Free:37.78 GB) NTFS
Drive g: (Old SSD) (Fixed) (Total:111.19 GB) (Free:34.36 GB) NTFS
\\?\Volume{fff756d2-1de5-4165-9669-528f822265be}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{91f2d278-d25d-49f6-8542-5823122e3ff3}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{2579efb3-ac67-4b50-aa9e-9229e7320667}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5D2C5193)
Partition: GPT.
==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: E5572F99)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu a vyčištění PC
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-27-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [12377 octets] - [09/11/2019 16:05:29]
AdwCleaner[S00].txt - [1652 octets] - [09/11/2019 16:05:58]
AdwCleaner[C00].txt - [1600 octets] - [09/11/2019 16:06:19]
AdwCleaner[S01].txt - [1766 octets] - [27/01/2020 11:13:52]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-27-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [12377 octets] - [09/11/2019 16:05:29]
AdwCleaner[S00].txt - [1652 octets] - [09/11/2019 16:05:58]
AdwCleaner[C00].txt - [1600 octets] - [09/11/2019 16:06:19]
AdwCleaner[S01].txt - [1766 octets] - [27/01/2020 11:13:52]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu a vyčištění PC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2020
Ran by Petr (administrator) on DESKTOP-VOQ6VC7 (27-01-2020 16:23:03)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Petr\AppData\Roaming\Telegram Desktop\Telegram.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(uTorrent.CZ -> emc) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\uninstall.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\Steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-07-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [94752 2019-08-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [80800 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Steam] => E:\Hry\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1670472 2019-12-25] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [567296 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-07-15]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06D74EF8-F23C-491F-B392-886264FA4FCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1295EE31-6BAA-4378-ACC6-0B33D2543CE1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {12F8F6B8-19F6-4793-A5D9-C93290268C4A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {148EFA11-1A3D-4009-A117-73A0E03EDFC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {35F31498-CE90-4D36-92AC-2898E4B71325} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3FCBB18B-65F2-4506-A6DF-A3104AD85E13} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2610160 2019-09-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {42C2E4C3-83F8-4DF9-84C4-29740C4DA4E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2024320 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ACA658B-A65D-4538-8F89-32EBF23CF9A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {5ED57259-FE7D-4E60-B2CF-6F9BFFC89734} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {63AF9127-393A-4387-AB42-71F25579E0B0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
Task: {6506FD7D-82F5-4836-8F23-8FD467326DB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72820DFE-4BBF-4F45-AF1F-498A6A626585} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {7F0B35FC-4F34-4E43-B389-650BB8E14B23} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80F8FEF3-7026-4DA7-A583-509B8AA626F7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C763221-A3D1-4FF2-A739-AE52AE50169D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A456C71F-F58C-482F-94CF-2FF935D44E00} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9ACC8E2-41AC-4DF0-930B-4405F96472C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F26416-F0B3-41F5-BB7F-F8CA81842BE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CE2D92E4-08F5-46DA-A58F-989FE8EE7583} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3CC5ECF-00CC-4634-8E4C-4775B9ABB0B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {E2096B07-F85C-42BD-ACA7-C844999DF810} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F007473D-4B4B-4877-9027-B3B59558AC3D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [NameServer] 1.1.1.1,8.8.4.4
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [DhcpNameServer] 8.8.8.8 1.1.1.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR Notifications: Default -> hxxps://webchat.freenode.net
CHR DefaultSearchURL: Default -> hxxps://github.com/Steffo99/chakra-magic
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-15]
CHR Extension: (BetterTTV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-01-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-15]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-15]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-15]
CHR Extension: (GeoGebra Klasik) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2020-01-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-05]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-12-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-15]
CHR Extension: (I don't care about cookies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2020-01-27]
CHR Extension: (AudioPick) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhcppdamigjkficnjnhmnljljhagaha [2019-07-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Grammarly for Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-01-22]
CHR Extension: (Chakra Magic) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldamnagiplkkoeolomjiigkfaobbecbo [2019-10-04]
CHR Extension: (Udělej printscreen celé webové stránky - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-11-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atiesrxx.exe [524504 2020-01-20] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 DAUpdaterSvc; E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-07-12] (BioWare -> BioWare)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-09-25] (INTERNET PROJECT LLC -> Freemake)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2019-11-21] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atikmdag.sys [65753304 2020-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atikmpag.sys [592088 2020-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103664 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_0d0901f66b76dc48\e1d68x64.sys [598112 2019-07-15] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-11-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-16] (ESET, spol. s r.o. -> ESET)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2019-07-15] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [27688 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [47144 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157752 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [83512 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [121384 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71320 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorE; C:\WINDOWS\System32\drivers\iaStorE.sys [1056096 2019-07-15] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\WINDOWS\System32\drivers\iaStorF.sys [40288 2019-07-15] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-10-05] (Logitech -> Logitech Inc.)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys [253840 2019-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 mticache; C:\WINDOWS\System32\Drivers\mticache.sys [61512 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 rdacpi; C:\WINDOWS\System32\drivers\rdacpi.sys [41784 2019-07-15] (EA Excelsior Hang Tong Computer Technology Limited -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 SAlphamBth; C:\WINDOWS\System32\drivers\SAlphabt64.sys [31232 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2019-07-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53912 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [54928 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2019-02-01] (STMicroelectronics -> STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 XENfiltv; C:\WINDOWS\system32\drivers\XENfiltv.sys [25600 2019-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S3 VBAudioVMAUXVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmauxvaio64_win10.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-27 16:22 - 2020-01-27 16:22 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2020-01-27 13:23 - 2020-01-27 13:23 - 000000000 ____D C:\Users\Petr\Downloads\Telegram Desktop
2020-01-27 12:36 - 2020-01-27 12:36 - 000037224 _____ C:\Users\Petr\Downloads\MP59G.zip
2020-01-27 12:36 - 2020-01-27 12:36 - 000037201 _____ C:\Users\Petr\Downloads\MP59G (1).zip
2020-01-27 11:13 - 2020-01-27 11:13 - 008237744 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_8.0.1.exe
2020-01-25 22:02 - 2020-01-25 22:02 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\ZAUM Studio
2020-01-25 21:44 - 2020-01-25 21:44 - 000000505 _____ C:\Users\Public\Desktop\Disco Elysium.lnk
2020-01-25 17:56 - 2020-01-25 17:56 - 000000000 ____D C:\Users\Petr\Documents\Paradox Interactive
2020-01-25 17:56 - 2020-01-25 17:56 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Iceflake Studios
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\WINDOWS\LastGood
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\Program Files (x86)\AMD
2020-01-25 16:15 - 2020-01-25 16:15 - 000025949 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).eng.1cd.(3610204).zip
2020-01-25 16:13 - 2020-01-25 16:13 - 000023040 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).pob.1cd.(7394467).zip
2020-01-25 16:13 - 2020-01-25 16:13 - 000023040 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).pob.1cd.(7394467) (1).zip
2020-01-25 14:06 - 2020-01-25 14:06 - 000023170 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e05.irregular.around.the.margins.(2004).eng.1cd.(7079262).zip
2020-01-25 14:06 - 2020-01-25 14:06 - 000023170 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e05.irregular.around.the.margins.(2004).eng.1cd.(7079262) (1).zip
2020-01-25 12:47 - 2020-01-25 12:47 - 000024069 _____ C:\Users\Petr\Downloads\The Sopranos_5x04_en.zip
2020-01-25 12:44 - 2020-01-20 15:51 - 001765592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001765592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001360088 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001360088 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 001084952 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 001084952 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000943800 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000943800 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000121560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-01-25 12:38 - 2020-01-25 12:39 - 000054329 _____ C:\Users\Petr\Desktop\Addition.txt
2020-01-25 12:37 - 2020-01-27 16:23 - 000036837 _____ C:\Users\Petr\Desktop\FRST.txt
2020-01-25 12:36 - 2020-01-27 16:23 - 000000000 ____D C:\FRST
2020-01-25 12:35 - 2020-01-27 16:22 - 002581504 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-01-25 12:24 - 2020-01-25 12:24 - 000002633 _____ C:\Users\Public\Desktop\Battle Painters.lnk
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saito Games
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\Program Files (x86)\Saito Games
2020-01-17 12:26 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000002156 _____ C:\Users\Petr\Desktop\WeMod.lnk
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Local\WeMod
2020-01-17 09:47 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ControlCenter4
2020-01-16 20:16 - 2020-01-16 20:16 - 000000000 ____D C:\Users\Petr\AppData\Local\NMS_MCDAMM
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Nuance
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Brother
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\ProgramData\Nuance
2020-01-16 13:35 - 2020-01-17 09:47 - 000000000 ____D C:\ProgramData\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:45 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-01-16 13:35 - 2020-01-16 13:43 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2020-01-16 13:30 - 2020-01-16 13:40 - 000000000 ____D C:\Program Files (x86)\Brother
2020-01-16 13:21 - 2020-01-16 13:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-01-15 22:47 - 2020-01-15 22:47 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 22:44 - 2020-01-15 22:44 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 22:44 - 2020-01-15 22:44 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:06 - 2020-01-15 00:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\HelloGames
2020-01-15 00:03 - 2020-01-15 00:03 - 000000881 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-01-15 00:03 - 2020-01-15 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Man's Sky [GOG.com]
2020-01-05 15:48 - 2020-01-05 18:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2020-01-05 15:48 - 2020-01-05 15:48 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Users\Petr\AppData\Local\TeamSpeak 3
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-12-30 13:44 - 2020-01-19 10:38 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-12-30 13:30 - 2019-12-30 13:30 - 000000773 _____ C:\Users\Public\Desktop\BioShock 2 Remastered.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000001413 _____ C:\Users\Petr\Desktop\The Beginner's Guide.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\Users\Petr\AppData\Roaming\The Beginner's Guide
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2019-12-28 17:21 - 2019-12-28 17:21 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2019-12-28 16:25 - 2019-12-28 16:25 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\David OReilly
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything [GOG.com]
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\GOG.com
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-27 16:23 - 2019-07-15 16:33 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-01-27 15:38 - 2019-07-15 17:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-27 14:30 - 2019-10-24 11:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-01-27 13:23 - 2019-07-15 17:39 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2020-01-27 11:57 - 2019-07-15 17:06 - 000906560 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-27 11:57 - 2019-07-15 17:06 - 000203572 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-27 11:57 - 2019-07-15 16:30 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-27 11:15 - 2019-12-19 12:12 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-01-27 11:15 - 2019-09-26 12:34 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-01-27 11:15 - 2019-07-15 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-27 11:14 - 2019-07-15 17:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-27 11:14 - 2019-07-15 16:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-27 11:03 - 2019-07-15 17:05 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-27 11:02 - 2019-07-15 17:15 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-26 23:44 - 2019-07-15 16:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-26 14:49 - 2019-07-15 17:05 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-26 14:49 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-26 12:25 - 2019-07-15 17:04 - 000000000 ____D C:\WINDOWS\INF
2020-01-25 18:29 - 2019-08-26 11:52 - 000000000 ____D C:\Program Files\Warcraft III
2020-01-25 18:29 - 2019-07-27 20:08 - 000000000 ____D C:\Users\Petr\AppData\Local\Blizzard
2020-01-25 16:34 - 2019-07-15 16:15 - 000000000 ____D C:\Program Files\AMD
2020-01-25 12:44 - 2019-07-02 18:20 - 000000000 ____D C:\AMD
2020-01-24 22:24 - 2019-07-15 16:29 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-01-21 20:42 - 2019-07-15 16:32 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:42 - 2019-07-15 16:32 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 15:51 - 2019-12-19 12:10 - 062867672 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-01-20 15:51 - 2019-12-19 12:10 - 052403416 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-01-20 15:51 - 2019-12-19 12:10 - 001594072 _____ (AMD) C:\WINDOWS\system32\coinst_19.50.dll
2020-01-20 15:51 - 2019-07-04 07:55 - 000197392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-01-20 15:51 - 2019-07-04 07:55 - 000166992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 004585168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 004093144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-01-20 15:51 - 2018-12-05 18:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-01-20 15:51 - 2018-12-05 18:48 - 001730776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000769240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000761048 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000546328 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-01-20 15:51 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-01-20 15:51 - 2018-12-05 18:48 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000491728 _____ C:\WINDOWS\system32\GameManager64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000484568 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000451800 _____ C:\WINDOWS\system32\atieah64.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000374488 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000373976 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000345816 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000344792 _____ C:\WINDOWS\system32\clinfo.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000241880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000209112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000178864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000163032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000138456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000136408 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000134944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000121048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107216 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-01-20 13:34 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-20 13:27 - 2019-07-15 17:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2020-01-20 12:46 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Discord
2020-01-20 00:49 - 2019-07-15 16:21 - 000000000 ____D C:\Users\Petr
2020-01-17 12:44 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-17 12:26 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2020-01-17 12:20 - 2019-12-23 20:13 - 000000000 ____D C:\Program Files\Cheat Engine 7.0
2020-01-16 20:12 - 2019-11-10 15:50 - 000000000 ____D C:\Users\Petr\AppData\Local\ModOrganizer
2020-01-16 13:45 - 2019-07-15 16:16 - 000000000 ____D C:\ProgramData\Brother
2020-01-16 13:39 - 2019-08-13 17:05 - 000000000 ___RD C:\Users\Petr\AppData\Roaming\Brother
2020-01-16 13:35 - 2019-07-15 16:37 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-16 10:28 - 2019-07-15 16:14 - 000439864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 22:52 - 2019-07-15 16:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 22:49 - 2019-07-15 17:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 22:49 - 2019-07-15 16:36 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-15 22:32 - 2019-11-09 15:47 - 000000000 ____D C:\Intel
2020-01-15 14:16 - 2019-07-15 16:48 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-01-11 12:53 - 2019-09-05 16:53 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-01-06 23:02 - 2019-09-05 16:53 - 000002176 _____ C:\Users\Petr\Desktop\DotaPlus.lnk
2020-01-06 12:16 - 2019-09-05 16:52 - 000000000 ____D C:\Users\Petr\AppData\Local\Overwolf
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\Documents\BioshockHD
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\BioshockHD
==================== Files in the root of some directories ========
2019-07-21 19:16 - 2019-07-21 19:16 - 000034135 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-21 17:48 - 2019-07-21 19:03 - 000004652 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterDefault.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by Petr (administrator) on DESKTOP-VOQ6VC7 (27-01-2020 16:23:03)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSettings.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\FortiTray.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files\Fortinet\FortiClient\scheduler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Petr\AppData\Roaming\Telegram Desktop\Telegram.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(uTorrent.CZ -> emc) [File not signed] C:\Users\Petr\AppData\Roaming\uTorrent\uninstall.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Hry\Steam\Steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-07-15] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => %LOCALAPPDATA%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [94752 2019-08-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [80800 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Steam] => E:\Hry\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1670472 2019-12-25] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [567296 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AC7DD106-EAB6-4b41-AC4F-D52FD62A82C7}] -> C:\Program Files\Fortinet\FortiClient\FortiCredentialProvider2.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-07-15]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06D74EF8-F23C-491F-B392-886264FA4FCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1295EE31-6BAA-4378-ACC6-0B33D2543CE1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {12F8F6B8-19F6-4793-A5D9-C93290268C4A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {148EFA11-1A3D-4009-A117-73A0E03EDFC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {35F31498-CE90-4D36-92AC-2898E4B71325} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3FCBB18B-65F2-4506-A6DF-A3104AD85E13} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2610160 2019-09-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {42C2E4C3-83F8-4DF9-84C4-29740C4DA4E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2024320 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ACA658B-A65D-4538-8F89-32EBF23CF9A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {5ED57259-FE7D-4E60-B2CF-6F9BFFC89734} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
Task: {63AF9127-393A-4387-AB42-71F25579E0B0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
Task: {6506FD7D-82F5-4836-8F23-8FD467326DB8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72820DFE-4BBF-4F45-AF1F-498A6A626585} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {7F0B35FC-4F34-4E43-B389-650BB8E14B23} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80F8FEF3-7026-4DA7-A583-509B8AA626F7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C763221-A3D1-4FF2-A739-AE52AE50169D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A456C71F-F58C-482F-94CF-2FF935D44E00} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050456 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9ACC8E2-41AC-4DF0-930B-4405F96472C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158552 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9F26416-F0B3-41F5-BB7F-F8CA81842BE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CE2D92E4-08F5-46DA-A58F-989FE8EE7583} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3CC5ECF-00CC-4634-8E4C-4775B9ABB0B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {E2096B07-F85C-42BD-ACA7-C844999DF810} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F007473D-4B4B-4877-9027-B3B59558AC3D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628672 2020-01-17] (Advanced Micro Devices, Inc.) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [NameServer] 1.1.1.1,8.8.4.4
Tcpip\..\Interfaces\{31d1964d-eb4e-4663-91db-9ccdd3024933}: [DhcpNameServer] 8.8.8.8 1.1.1.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR Notifications: Default -> hxxps://webchat.freenode.net
CHR DefaultSearchURL: Default -> hxxps://github.com/Steffo99/chakra-magic
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-15]
CHR Extension: (BetterTTV) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-01-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-15]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-15]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-15]
CHR Extension: (GeoGebra Klasik) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2020-01-24]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-01-05]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-12-10]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-15]
CHR Extension: (I don't care about cookies) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2020-01-27]
CHR Extension: (AudioPick) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfhcppdamigjkficnjnhmnljljhagaha [2019-07-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Grammarly for Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-01-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-01-22]
CHR Extension: (Chakra Magic) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldamnagiplkkoeolomjiigkfaobbecbo [2019-10-04]
CHR Extension: (Udělej printscreen celé webové stránky - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-11-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atiesrxx.exe [524504 2020-01-20] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 DAUpdaterSvc; E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2019-07-12] (BioWare -> BioWare)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-16] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [138640 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [73200 2018-09-25] (INTERNET PROJECT LLC -> Freemake)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2475312 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3352376 2019-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-12-25] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2019-11-21] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atikmdag.sys [65753304 2020-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\WINDOWS\System32\DriverStore\FileRepository\c0351045.inf_amd64_d758c402b88f6280\B351053\atikmpag.sys [592088 2020-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103664 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_0d0901f66b76dc48\e1d68x64.sys [598112 2019-07-15] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-09] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-07-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-11-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-16] (ESET, spol. s r.o. -> ESET)
S0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2019-07-15] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [27688 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [35400 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [47144 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [157752 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [83512 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [121384 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [71320 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [70536 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [66128 2019-07-16] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorE; C:\WINDOWS\System32\drivers\iaStorE.sys [1056096 2019-07-15] (Intel Corporation -> Intel Corporation)
R0 iaStorF; C:\WINDOWS\System32\drivers\iaStorF.sys [40288 2019-07-15] (Intel Corporation -> Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-10-05] (Logitech -> Logitech Inc.)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_84dfa9390100e6bc\x64\TeeDriverW8x64.sys [253840 2019-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 mticache; C:\WINDOWS\System32\Drivers\mticache.sys [61512 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R1 mtihint; C:\WINDOWS\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-04-01] (Locktime Software s.r.o. -> Locktime Software)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 rdacpi; C:\WINDOWS\System32\drivers\rdacpi.sys [41784 2019-07-15] (EA Excelsior Hang Tong Computer Technology Limited -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 SAlphamBth; C:\WINDOWS\System32\drivers\SAlphabt64.sys [31232 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2019-07-28] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [53912 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [54928 2019-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-05-24] (SteelSeries ApS -> SteelSeries ApS)
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2019-02-01] (STMicroelectronics -> STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 XENfiltv; C:\WINDOWS\system32\drivers\XENfiltv.sys [25600 2019-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S3 VBAudioVMAUXVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmauxvaio64_win10.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-27 16:22 - 2020-01-27 16:22 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2020-01-27 13:23 - 2020-01-27 13:23 - 000000000 ____D C:\Users\Petr\Downloads\Telegram Desktop
2020-01-27 12:36 - 2020-01-27 12:36 - 000037224 _____ C:\Users\Petr\Downloads\MP59G.zip
2020-01-27 12:36 - 2020-01-27 12:36 - 000037201 _____ C:\Users\Petr\Downloads\MP59G (1).zip
2020-01-27 11:13 - 2020-01-27 11:13 - 008237744 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_8.0.1.exe
2020-01-25 22:02 - 2020-01-25 22:02 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\ZAUM Studio
2020-01-25 21:44 - 2020-01-25 21:44 - 000000505 _____ C:\Users\Public\Desktop\Disco Elysium.lnk
2020-01-25 17:56 - 2020-01-25 17:56 - 000000000 ____D C:\Users\Petr\Documents\Paradox Interactive
2020-01-25 17:56 - 2020-01-25 17:56 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Iceflake Studios
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\WINDOWS\LastGood
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-01-25 16:34 - 2020-01-25 16:34 - 000000000 ____D C:\Program Files (x86)\AMD
2020-01-25 16:15 - 2020-01-25 16:15 - 000025949 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).eng.1cd.(3610204).zip
2020-01-25 16:13 - 2020-01-25 16:13 - 000023040 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).pob.1cd.(7394467).zip
2020-01-25 16:13 - 2020-01-25 16:13 - 000023040 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e06.sentimental.education.(2004).pob.1cd.(7394467) (1).zip
2020-01-25 14:06 - 2020-01-25 14:06 - 000023170 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e05.irregular.around.the.margins.(2004).eng.1cd.(7079262).zip
2020-01-25 14:06 - 2020-01-25 14:06 - 000023170 _____ C:\Users\Petr\Downloads\the.sopranos.s05.e05.irregular.around.the.margins.(2004).eng.1cd.(7079262) (1).zip
2020-01-25 12:47 - 2020-01-25 12:47 - 000024069 _____ C:\Users\Petr\Downloads\The Sopranos_5x04_en.zip
2020-01-25 12:44 - 2020-01-20 15:51 - 001765592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001765592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001360088 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001360088 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-25 12:44 - 2020-01-20 15:51 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 001084952 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 001084952 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000943800 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000943800 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000121560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-01-25 12:44 - 2020-01-20 15:51 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-01-25 12:38 - 2020-01-25 12:39 - 000054329 _____ C:\Users\Petr\Desktop\Addition.txt
2020-01-25 12:37 - 2020-01-27 16:23 - 000036837 _____ C:\Users\Petr\Desktop\FRST.txt
2020-01-25 12:36 - 2020-01-27 16:23 - 000000000 ____D C:\FRST
2020-01-25 12:35 - 2020-01-27 16:22 - 002581504 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-01-25 12:24 - 2020-01-25 12:24 - 000002633 _____ C:\Users\Public\Desktop\Battle Painters.lnk
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saito Games
2020-01-25 12:24 - 2020-01-25 12:24 - 000000000 ____D C:\Program Files (x86)\Saito Games
2020-01-17 12:26 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000002156 _____ C:\Users\Petr\Desktop\WeMod.lnk
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2020-01-17 12:26 - 2020-01-17 12:26 - 000000000 ____D C:\Users\Petr\AppData\Local\WeMod
2020-01-17 09:47 - 2020-01-17 20:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ControlCenter4
2020-01-16 20:16 - 2020-01-16 20:16 - 000000000 ____D C:\Users\Petr\AppData\Local\NMS_MCDAMM
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Nuance
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\Users\Petr\AppData\Local\Brother
2020-01-16 13:39 - 2020-01-16 13:39 - 000000000 ____D C:\ProgramData\Nuance
2020-01-16 13:35 - 2020-01-17 09:47 - 000000000 ____D C:\ProgramData\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:45 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-01-16 13:35 - 2020-01-16 13:43 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2020-01-16 13:35 - 2020-01-16 13:35 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2020-01-16 13:30 - 2020-01-16 13:40 - 000000000 ____D C:\Program Files (x86)\Brother
2020-01-16 13:21 - 2020-01-16 13:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-01-15 22:47 - 2020-01-15 22:47 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 22:47 - 2020-01-15 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-01-15 22:47 - 2020-01-15 22:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 22:47 - 2020-01-15 22:47 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 22:44 - 2020-01-15 22:44 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 22:44 - 2020-01-15 22:44 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 00:06 - 2020-01-15 00:06 - 000000000 ____D C:\Users\Petr\AppData\Roaming\HelloGames
2020-01-15 00:03 - 2020-01-15 00:03 - 000000881 _____ C:\Users\Public\Desktop\No Man's Sky.lnk
2020-01-15 00:03 - 2020-01-15 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No Man's Sky [GOG.com]
2020-01-05 15:48 - 2020-01-05 18:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2020-01-05 15:48 - 2020-01-05 15:48 - 000000976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Users\Petr\AppData\Local\TeamSpeak 3
2020-01-05 15:48 - 2020-01-05 15:48 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-12-30 13:44 - 2020-01-19 10:38 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2019-12-30 13:30 - 2019-12-30 13:30 - 000000773 _____ C:\Users\Public\Desktop\BioShock 2 Remastered.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000001413 _____ C:\Users\Petr\Desktop\The Beginner's Guide.lnk
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\Users\Petr\AppData\Roaming\The Beginner's Guide
2019-12-28 17:23 - 2019-12-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2019-12-28 17:21 - 2019-12-28 17:21 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2019-12-28 16:25 - 2019-12-28 16:25 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\David OReilly
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything [GOG.com]
2019-12-28 16:24 - 2019-12-28 16:24 - 000000000 ____D C:\ProgramData\GOG.com
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-27 16:23 - 2019-07-15 16:33 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2020-01-27 15:38 - 2019-07-15 17:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-27 14:30 - 2019-10-24 11:27 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-01-27 13:23 - 2019-07-15 17:39 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2020-01-27 11:57 - 2019-07-15 17:06 - 000906560 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-27 11:57 - 2019-07-15 17:06 - 000203572 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-27 11:57 - 2019-07-15 16:30 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-27 11:15 - 2019-12-19 12:12 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-01-27 11:15 - 2019-09-26 12:34 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-01-27 11:15 - 2019-07-15 16:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-27 11:14 - 2019-07-15 17:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-27 11:14 - 2019-07-15 16:15 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-01-27 11:03 - 2019-07-15 17:05 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-27 11:02 - 2019-07-15 17:15 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-26 23:44 - 2019-07-15 16:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-26 14:49 - 2019-07-15 17:05 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-26 14:49 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-26 12:25 - 2019-07-15 17:04 - 000000000 ____D C:\WINDOWS\INF
2020-01-25 18:29 - 2019-08-26 11:52 - 000000000 ____D C:\Program Files\Warcraft III
2020-01-25 18:29 - 2019-07-27 20:08 - 000000000 ____D C:\Users\Petr\AppData\Local\Blizzard
2020-01-25 16:34 - 2019-07-15 16:15 - 000000000 ____D C:\Program Files\AMD
2020-01-25 12:44 - 2019-07-02 18:20 - 000000000 ____D C:\AMD
2020-01-24 22:24 - 2019-07-15 16:29 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2020-01-21 20:42 - 2019-07-15 16:32 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-21 20:42 - 2019-07-15 16:32 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 15:51 - 2019-12-19 12:10 - 062867672 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-01-20 15:51 - 2019-12-19 12:10 - 052403416 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-01-20 15:51 - 2019-12-19 12:10 - 001594072 _____ (AMD) C:\WINDOWS\system32\coinst_19.50.dll
2020-01-20 15:51 - 2019-07-04 07:55 - 000197392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-01-20 15:51 - 2019-07-04 07:55 - 000166992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 004585168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 004093144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-01-20 15:51 - 2018-12-05 18:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-01-20 15:51 - 2018-12-05 18:48 - 001730776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000769240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000761048 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000546328 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-01-20 15:51 - 2018-12-05 18:48 - 000541392 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-01-20 15:51 - 2018-12-05 18:48 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000491728 _____ C:\WINDOWS\system32\GameManager64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000484568 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000451800 _____ C:\WINDOWS\system32\atieah64.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000374488 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000373976 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000345816 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000344792 _____ C:\WINDOWS\system32\clinfo.exe
2020-01-20 15:51 - 2018-12-05 18:48 - 000241880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000209112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000178864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000163032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000138456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000136408 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000134944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000121048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000107216 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000070872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-01-20 15:51 - 2018-12-05 18:48 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-01-20 13:34 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-20 13:27 - 2019-07-15 17:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2020-01-20 12:46 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Discord
2020-01-20 00:49 - 2019-07-15 16:21 - 000000000 ____D C:\Users\Petr
2020-01-17 12:44 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-17 12:26 - 2019-07-15 17:48 - 000000000 ____D C:\Users\Petr\AppData\Local\SquirrelTemp
2020-01-17 12:20 - 2019-12-23 20:13 - 000000000 ____D C:\Program Files\Cheat Engine 7.0
2020-01-16 20:12 - 2019-11-10 15:50 - 000000000 ____D C:\Users\Petr\AppData\Local\ModOrganizer
2020-01-16 13:45 - 2019-07-15 16:16 - 000000000 ____D C:\ProgramData\Brother
2020-01-16 13:39 - 2019-08-13 17:05 - 000000000 ___RD C:\Users\Petr\AppData\Roaming\Brother
2020-01-16 13:35 - 2019-07-15 16:37 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-16 10:28 - 2019-07-15 16:14 - 000439864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 23:17 - 2019-07-15 17:05 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 22:52 - 2019-07-15 16:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 22:49 - 2019-07-15 17:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 22:49 - 2019-07-15 16:36 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-15 22:32 - 2019-11-09 15:47 - 000000000 ____D C:\Intel
2020-01-15 14:16 - 2019-07-15 16:48 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2020-01-11 12:53 - 2019-09-05 16:53 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-01-06 23:02 - 2019-09-05 16:53 - 000002176 _____ C:\Users\Petr\Desktop\DotaPlus.lnk
2020-01-06 12:16 - 2019-09-05 16:52 - 000000000 ____D C:\Users\Petr\AppData\Local\Overwolf
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\Documents\BioshockHD
2019-12-30 20:43 - 2019-12-12 15:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\BioshockHD
==================== Files in the root of some directories ========
2019-07-21 19:16 - 2019-07-21 19:16 - 000034135 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-07-21 17:48 - 2019-07-21 19:03 - 000004652 _____ () C:\Users\Petr\AppData\Roaming\VoiceMeeterDefault.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Prosím o preventivní kontrolu a vyčištění PC
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2020
Ran by Petr (27-01-2020 16:24:07)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-15 15:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1247212818-2744187641-637679726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1247212818-2744187641-637679726-503 - Limited - Disabled)
Guest (S-1-5-21-1247212818-2744187641-637679726-501 - Limited - Disabled)
Petr (S-1-5-21-1247212818-2744187641-637679726-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1247212818-2744187641-637679726-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Plague Tale: Innocence (HKLM-x32\...\A Plague Tale: Innocence_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.3 - Advanced Micro Devices, Inc.)
Anaconda3 2019.07 (Python 3.7.3 64-bit) (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Anaconda3 2019.07 (Python 3.7.3 64-bit)) (Version: 2019.07 - Anaconda, Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle Painters (HKLM-x32\...\{A58E2FFC-18B9-4EFB-9925-4E2429C47005}) (Version: 2.1.0 - Saito Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.52.0 - Bethesda Softworks)
BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - )
BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version: - Rimsky)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Crucial Storage Executive (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Crucial Storage Executive 3.65.012019.06) (Version: 5.05.082019.02 - Crucial)
Disco Elysium (HKLM-x32\...\Disco Elysium_is1) (Version: - )
Discord (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Doomsday 2.2.0.3261 (HKLM\...\{DCF62B7B-29EB-4341-BEA4-3975CD08FF06}) (Version: 2.2.0.3261 - dengine.net)
DotaPlus (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Overwolf_kpaejaacomnkenpbmclnglmblpmfiapjlebhpcom) (Version: 3.7.88 - Overwolf app)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Everything (HKLM-x32\...\1549149082_is1) (Version: 1.06.01 - GOG.com)
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
FortiClient (HKLM\...\{6C0A3C5E-7725-49D8-A016-B3ADCACF61C2}) (Version: 6.0.9.0277 - Fortinet Technologies Inc)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
GitHub Desktop (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\GitHubDesktop) (Version: 2.2.2 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.21.0 - GOM & Company)
GOM Player Plus (HKLM-x32\...\GOM Player Plus) (Version: 2.3.41.5303 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
IntelliJ IDEA 2019.1.3 (HKLM-x32\...\IntelliJ IDEA 2019.1.3) (Version: 191.7479.19 - JetBrains s.r.o.)
iTunes (HKLM\...\{281A8A05-80EB-4B93-B825-C9FBEE17CE85}) (Version: 12.9.6.3 - Apple Inc.)
Java(TM) SE Development Kit 11.0.4 (64-bit) (HKLM\...\{D3E31A1B-9D08-58C9-A7CF-7A78FDF3AA08}) (Version: 11.0.4.0 - Oracle Corporation)
Java(TM) SE Development Kit 12.0.2 (64-bit) (HKLM\...\{3FA68A00-9C88-5E69-870A-B40CB89DC2EF}) (Version: 12.0.2.0 - Oracle Corporation)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Project Standard 2019 - cs-cz (HKLM\...\ProjectStd2019Retail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Project Standard 2019 - en-us (HKLM\...\ProjectStd2019Retail - en-us) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\7181b9498a4ee6aa) (Version: 16.0.3054.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NetLimiter 4 (HKLM\...\{62DE00AD-5121-4FA9-885D-18FEECC61AE0}) (Version: 4.0.45.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.45.0) (Version: 4.0.45.0 - Locktime Software)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.24_Synthesis_55356 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.140.0.33 - Overwolf Ltd.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8750.1 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SD_Java~v7 CloneDR (HKLM-x32\...\{BDB78B86-D365-47A6-9A43-2DECD04A6B28}) (Version: 2.2.12 - Semantic Designs, Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
The Beginner's Guide (HKLM-x32\...\The Beginner's Guide_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
The Elder Scrolls V Skyrim Special Edition version 1.5.80 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.5.80 - Bethesda Softworks)
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\WeMod) (Version: 6.2.16 - WeMod)
WhySoSlow 1.51 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\GeoGebra Klasik.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bnbaboaihhkjoaolfnfoablhllahjnee
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\Anaconda\Scripts\activate.bat E:\Anaconda
==================== Loaded Modules (Whitelisted) =============
2019-07-18 10:51 - 2019-07-18 10:51 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-01-17 14:56 - 2020-01-17 14:56 - 001518592 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2019-11-12 17:23 - 2019-11-12 17:23 - 001165842 _____ (Fortinet Inc.) [File not signed] C:\Program Files\Fortinet\FortiClient\utilsdll.dll
2019-11-09 16:20 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-01-17 15:04 - 2020-01-17 15:04 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000724992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-01-17 15:04 - 2020-01-17 15:04 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\sharepoint.com -> hxxps://365osu-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-15 17:05 - 2020-01-27 16:24 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\SemanticDesigns\DMS\Executables;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A1045F96-6FB6-4CE9-8A53-5ACA31413A8C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{A0B1CC68-8D3F-4727-8BD8-0088D1E9CCD4}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C83B792D-C42B-4CF4-9B14-EB32DF57C4F0}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{44CF06A5-4311-4F22-8152-8ED0EDC15B57}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{29AC2856-A4BC-46DF-9ABF-25D34257FA5F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{E461D2DF-C78E-4F69-9C02-C5F2127F169D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{6DF75371-459F-4081-B1B2-8A29D9BE8D9B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{D22040A8-FE76-420A-AB84-9E1E967A5437}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{77B78CFC-A633-4A4A-A6E2-E85BA2F772A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26133B35-7E75-4196-9E3E-45E3FFC27C6F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6C4951-C8B2-428C-BB8A-17E01D3FC7C9}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{22A33D65-42E7-4CF2-B729-3F19EC78E7CF}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{56A40762-7D92-4E30-9FC4-4493F562F4B7}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{3DE8040E-DD05-4F62-A4D7-F15A2FB6435C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{E9820D00-E11E-499A-8E65-38ADA26EED3A}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{74BCB38E-D3B7-46F5-942A-00E02A22807C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{39A572BF-1D6D-4448-AE39-B7F32D6D22E0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AB5CB961-1D24-4401-BDD7-593AEBC9EA85}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{92159109-B638-470C-AAD5-F9F4440E00D2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9E8D23D-7428-461C-9FD6-0EAD82554E0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE63610-A770-487F-977C-F313262C9494}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F56AE2C6-8EBA-4D66-AA97-08EF4C520A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AA25613-6C73-4917-9834-B81262F89A27}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8318ABAE-B231-486E-B450-889571EFD0AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{36122839-781F-401B-A05B-6CCA313C7794}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E60C2FB3-DA19-40D1-AC69-C3CB08BF5859}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{302B7461-1944-4F2E-A702-ADE34FB6D8E8}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{0AFFFDE5-FF82-43E1-BA61-941102D8F0F1}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{FC421253-A4A5-4A0B-BF03-E54B5E96F91A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99107CBC-60A3-4D7E-8FC9-45CAB99E35CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA2C957E-E880-4EA4-A791-8C36D4FAFB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{8AC5057C-FF55-4CBD-820B-1DDD8FEE3ACF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CCBF09EB-92F3-466E-BB17-B1226D5BA7F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5AB6D97A-C3C5-4F76-A9BA-D90448C382F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9500D564-9562-450F-87C1-05055BFFB75B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4F66DFC7-ABE0-484E-811F-5791B30B8A8C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{98DB2D4C-DCCC-4C5B-9039-BF6530598D8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{7F9AB3FE-EDD0-4630-9100-E1D1AE8D99DA}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{378C6D38-6296-4073-B843-6A19DEE88187}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{BEE36F21-3A05-423D-9AA8-28DB2C8D09D5}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{322601C2-66FD-4861-BEE9-E31F216D33BC}] => (Allow) LPort=54950
FirewallRules: [{A0DAE8D8-FD39-41EA-BF42-1321E5632263}] => (Allow) LPort=54955
FirewallRules: [{6D8D941D-BB5E-4A19-847B-A463F45435B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/27/2020 12:40:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/27/2020 11:26:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5764,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/27/2020 11:15:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0xf10
Čas spuštění chybující aplikace: 0x01d5d4fab9ffe320
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: a315e396-b482-4f47-99e2-735931ed0a2f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.1.106
System errors:
=============
Error: (01/27/2020 11:15:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/27/2020 11:15:41 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. Požadavek není podporován.
Error: (01/27/2020 11:15:41 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [rasgreeng.dll] failed to initialize. Uvedený modul nebyl nalezen.
Error: (01/27/2020 11:15:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMPNetworkSvc byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (01/27/2020 11:15:41 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1068 při pokusu o spuštění služby upnphost s argumenty Není k dispozici za účelem spuštění serveru:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (01/27/2020 11:15:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba upnphost závisí na službě SSDPSRV, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (01/27/2020 11:15:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (01/27/2020 11:15:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Windows Defender:
===================================
CodeIntegrity:
===================================
Date: 2020-01-27 16:20:44.744
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:20:44.743
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:18:14.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:18:14.107
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:15:45.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:45.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:41.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:41.705
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0904 09/14/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B360-PLUS GAMING
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 55%
Total physical RAM: 16302.67 MB
Available physical RAM: 7309.39 MB
Total Virtual: 23982.67 MB
Available Virtual: 10883.37 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:195.23 GB) (Free:86.64 GB) NTFS
Drive d: (Data HDD) (Fixed) (Total:732.42 GB) (Free:374.02 GB) NTFS
Drive e: (Data SSD) (Fixed) (Total:643.03 GB) (Free:177.96 GB) NTFS
Drive f: (Programy) (Fixed) (Total:199.09 GB) (Free:37.78 GB) NTFS
Drive g: (Old SSD) (Fixed) (Total:111.19 GB) (Free:34.36 GB) NTFS
\\?\Volume{fff756d2-1de5-4165-9669-528f822265be}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{91f2d278-d25d-49f6-8542-5823122e3ff3}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{2579efb3-ac67-4b50-aa9e-9229e7320667}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5D2C5193)
Partition: GPT.
==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: E5572F99)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Petr (27-01-2020 16:24:07)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-15 15:28:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1247212818-2744187641-637679726-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1247212818-2744187641-637679726-503 - Limited - Disabled)
Guest (S-1-5-21-1247212818-2744187641-637679726-501 - Limited - Disabled)
Petr (S-1-5-21-1247212818-2744187641-637679726-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1247212818-2744187641-637679726-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Plague Tale: Innocence (HKLM-x32\...\A Plague Tale: Innocence_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.1.3 - Advanced Micro Devices, Inc.)
Anaconda3 2019.07 (Python 3.7.3 64-bit) (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Anaconda3 2019.07 (Python 3.7.3 64-bit)) (Version: 2019.07 - Anaconda, Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Baldur's Gate - Enhanced Edition (HKLM-x32\...\Baldur's Gate - Enhanced Edition_is1) (Version: - )
Battle Painters (HKLM-x32\...\{A58E2FFC-18B9-4EFB-9925-4E2429C47005}) (Version: 2.1.0 - Saito Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.52.0 - Bethesda Softworks)
BioShock 2 Remastered (HKLM-x32\...\BioShock 2 Remastered_is1) (Version: - )
BioShock Remastered (HKLM-x32\...\BioShock Remastered_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{133E6274-9FD4-4ABD-80A8-2A954E89EAD6}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version: - Rimsky)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Crucial Storage Executive (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Crucial Storage Executive 3.65.012019.06) (Version: 5.05.082019.02 - Crucial)
Disco Elysium (HKLM-x32\...\Disco Elysium_is1) (Version: - )
Discord (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Doomsday 2.2.0.3261 (HKLM\...\{DCF62B7B-29EB-4341-BEA4-3975CD08FF06}) (Version: 2.2.0.3261 - dengine.net)
DotaPlus (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\Overwolf_kpaejaacomnkenpbmclnglmblpmfiapjlebhpcom) (Version: 3.7.88 - Overwolf app)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Everything (HKLM-x32\...\1549149082_is1) (Version: 1.06.01 - GOG.com)
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
FortiClient (HKLM\...\{6C0A3C5E-7725-49D8-A016-B3ADCACF61C2}) (Version: 6.0.9.0277 - Fortinet Technologies Inc)
Freemake Video Converter verze 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
GitHub Desktop (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\GitHubDesktop) (Version: 2.2.2 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.21.0 - GOM & Company)
GOM Player Plus (HKLM-x32\...\GOM Player Plus) (Version: 2.3.41.5303 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HWiNFO64 Version 6.08 (HKLM\...\HWiNFO64_is1) (Version: 6.08 - Martin Malik - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
IntelliJ IDEA 2019.1.3 (HKLM-x32\...\IntelliJ IDEA 2019.1.3) (Version: 191.7479.19 - JetBrains s.r.o.)
iTunes (HKLM\...\{281A8A05-80EB-4B93-B825-C9FBEE17CE85}) (Version: 12.9.6.3 - Apple Inc.)
Java(TM) SE Development Kit 11.0.4 (64-bit) (HKLM\...\{D3E31A1B-9D08-58C9-A7CF-7A78FDF3AA08}) (Version: 11.0.4.0 - Oracle Corporation)
Java(TM) SE Development Kit 12.0.2 (64-bit) (HKLM\...\{3FA68A00-9C88-5E69-870A-B40CB89DC2EF}) (Version: 12.0.2.0 - Oracle Corporation)
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Project Standard 2019 - cs-cz (HKLM\...\ProjectStd2019Retail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Project Standard 2019 - en-us (HKLM\...\ProjectStd2019Retail - en-us) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\7181b9498a4ee6aa) (Version: 16.0.3054.6 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NetLimiter 4 (HKLM\...\{62DE00AD-5121-4FA9-885D-18FEECC61AE0}) (Version: 4.0.45.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.45.0) (Version: 4.0.45.0 - Locktime Software)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.24_Synthesis_55356 - GOG.com)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.2.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.57.35162 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.140.0.33 - Overwolf Ltd.)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8750.1 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SD_Java~v7 CloneDR (HKLM-x32\...\{BDB78B86-D365-47A6-9A43-2DECD04A6B28}) (Version: 2.2.12 - Semantic Designs, Inc.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
The Beginner's Guide (HKLM-x32\...\The Beginner's Guide_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
The Elder Scrolls V Skyrim Special Edition version 1.5.80 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.5.80 - Bethesda Softworks)
The Ultimate DOOM (HKLM-x32\...\1435827232_is1) (Version: 2.0.0.3 - GOG.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\WeMod) (Version: 6.2.16 - WeMod)
WhySoSlow 1.51 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-01-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files\Fortinet\FortiClient\FortiCliSh.dll [2019-11-12] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\GeoGebra Klasik.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bnbaboaihhkjoaolfnfoablhllahjnee
ShortcutWithArgument: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (Anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\Anaconda\Scripts\activate.bat E:\Anaconda
==================== Loaded Modules (Whitelisted) =============
2019-07-18 10:51 - 2019-07-18 10:51 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-01-17 14:56 - 2020-01-17 14:56 - 001518592 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2019-11-12 17:23 - 2019-11-12 17:23 - 001165842 _____ (Fortinet Inc.) [File not signed] C:\Program Files\Fortinet\FortiClient\utilsdll.dll
2019-11-09 16:20 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-01-17 15:04 - 2020-01-17 15:04 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000724992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 10:51 - 2019-07-18 10:51 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-01-17 15:04 - 2020-01-17 15:04 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\sharepoint.com -> hxxps://365osu-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-15 17:05 - 2020-01-27 16:24 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\SemanticDesigns\DMS\Executables;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Crucial\Crucial Storage Executive
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "M17A"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1247212818-2744187641-637679726-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A1045F96-6FB6-4CE9-8A53-5ACA31413A8C}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{A0B1CC68-8D3F-4727-8BD8-0088D1E9CCD4}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{C83B792D-C42B-4CF4-9B14-EB32DF57C4F0}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{44CF06A5-4311-4F22-8152-8ED0EDC15B57}] => (Allow) E:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{29AC2856-A4BC-46DF-9ABF-25D34257FA5F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{E461D2DF-C78E-4F69-9C02-C5F2127F169D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{6DF75371-459F-4081-B1B2-8A29D9BE8D9B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{D22040A8-FE76-420A-AB84-9E1E967A5437}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{77B78CFC-A633-4A4A-A6E2-E85BA2F772A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26133B35-7E75-4196-9E3E-45E3FFC27C6F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6C4951-C8B2-428C-BB8A-17E01D3FC7C9}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{22A33D65-42E7-4CF2-B729-3F19EC78E7CF}] => (Allow) E:\Hry\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{56A40762-7D92-4E30-9FC4-4493F562F4B7}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{3DE8040E-DD05-4F62-A4D7-F15A2FB6435C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe (BioWare -> BioWare)
FirewallRules: [{E9820D00-E11E-499A-8E65-38ADA26EED3A}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{74BCB38E-D3B7-46F5-942A-00E02A22807C}] => (Allow) E:\Hry\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare -> BioWare)
FirewallRules: [{39A572BF-1D6D-4448-AE39-B7F32D6D22E0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AB5CB961-1D24-4401-BDD7-593AEBC9EA85}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{92159109-B638-470C-AAD5-F9F4440E00D2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9E8D23D-7428-461C-9FD6-0EAD82554E0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AFE63610-A770-487F-977C-F313262C9494}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F56AE2C6-8EBA-4D66-AA97-08EF4C520A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AA25613-6C73-4917-9834-B81262F89A27}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8318ABAE-B231-486E-B450-889571EFD0AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{36122839-781F-401B-A05B-6CCA313C7794}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E60C2FB3-DA19-40D1-AC69-C3CB08BF5859}C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{302B7461-1944-4F2E-A702-ADE34FB6D8E8}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{0AFFFDE5-FF82-43E1-BA61-941102D8F0F1}] => (Block) C:\program files\jetbrains\intellij idea 2019.1.3\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{FC421253-A4A5-4A0B-BF03-E54B5E96F91A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99107CBC-60A3-4D7E-8FC9-45CAB99E35CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA2C957E-E880-4EA4-A791-8C36D4FAFB68}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{8AC5057C-FF55-4CBD-820B-1DDD8FEE3ACF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CCBF09EB-92F3-466E-BB17-B1226D5BA7F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5AB6D97A-C3C5-4F76-A9BA-D90448C382F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9500D564-9562-450F-87C1-05055BFFB75B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4F66DFC7-ABE0-484E-811F-5791B30B8A8C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{98DB2D4C-DCCC-4C5B-9039-BF6530598D8F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{7F9AB3FE-EDD0-4630-9100-E1D1AE8D99DA}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{378C6D38-6296-4073-B843-6A19DEE88187}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{BEE36F21-3A05-423D-9AA8-28DB2C8D09D5}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortifws.exe (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{322601C2-66FD-4861-BEE9-E31F216D33BC}] => (Allow) LPort=54950
FirewallRules: [{A0DAE8D8-FD39-41EA-BF42-1321E5632263}] => (Allow) LPort=54955
FirewallRules: [{6D8D941D-BB5E-4A19-847B-A463F45435B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/27/2020 12:40:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/27/2020 11:26:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5764,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/27/2020 11:15:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Název chybujícího modulu: OriginWebHelperService.exe, verze: 10.5.57.35162, časové razítko: 0x5df243e3
Kód výjimky: 0xc0000005
Posun chyby: 0x00099d50
ID chybujícího procesu: 0xf10
Čas spuštění chybující aplikace: 0x01d5d4fab9ffe320
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
ID zprávy: a315e396-b482-4f47-99e2-735931ed0a2f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (01/27/2020 11:15:41 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.1.106
System errors:
=============
Error: (01/27/2020 11:15:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/27/2020 11:15:41 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. Požadavek není podporován.
Error: (01/27/2020 11:15:41 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [rasgreeng.dll] failed to initialize. Uvedený modul nebyl nalezen.
Error: (01/27/2020 11:15:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WMPNetworkSvc byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (01/27/2020 11:15:41 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1068 při pokusu o spuštění služby upnphost s argumenty Není k dispozici za účelem spuštění serveru:
{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (01/27/2020 11:15:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba upnphost závisí na službě SSDPSRV, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (01/27/2020 11:15:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (01/27/2020 11:15:40 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Windows Defender:
===================================
CodeIntegrity:
===================================
Date: 2020-01-27 16:20:44.744
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:20:44.743
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:18:14.108
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:18:14.107
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:15:45.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:45.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:41.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-27 16:15:41.705
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0904 09/14/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B360-PLUS GAMING
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 55%
Total physical RAM: 16302.67 MB
Available physical RAM: 7309.39 MB
Total Virtual: 23982.67 MB
Available Virtual: 10883.37 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:195.23 GB) (Free:86.64 GB) NTFS
Drive d: (Data HDD) (Fixed) (Total:732.42 GB) (Free:374.02 GB) NTFS
Drive e: (Data SSD) (Fixed) (Total:643.03 GB) (Free:177.96 GB) NTFS
Drive f: (Programy) (Fixed) (Total:199.09 GB) (Free:37.78 GB) NTFS
Drive g: (Old SSD) (Fixed) (Total:111.19 GB) (Free:34.36 GB) NTFS
\\?\Volume{fff756d2-1de5-4165-9669-528f822265be}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{91f2d278-d25d-49f6-8542-5823122e3ff3}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{2579efb3-ac67-4b50-aa9e-9229e7320667}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5D2C5193)
Partition: GPT.
==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: E5572F99)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
C:\WINDOWS\LastGood.Tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu a vyčištění PC
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-01-2020
Ran by Petr (27-01-2020 17:08:48) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
C:\WINDOWS\LastGood.Tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
HKLM\Software\Classes\CLSID\{9B5F5829-A529-4B12-814A-E81BCB8D93FC} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EE5B550-E392-4A17-9959-DC28228C66D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CAEDFB8-569D-4194-A692-8288385A8B92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{268193FC-7890-43F2-ACBE-09D4920C6397}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18DE7964-791C-4B7A-BCF9-33C06C8882E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECA6A176-7111-4C17-9487-D7348D754C7A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFB40D5B-FADD-4194-9CBA-AED3251E1889}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29C58D36-5793-4051-A303-B35430C5E46A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41E959D7-A58E-4102-AF6F-53779B745C6A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A857AE94-4E41-4E11-961A-35CEA4BD6C22}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C76976C9-FD17-4047-A92E-AFD028CE898A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{089759CA-B005-474B-965A-8F2E8B6B3636}" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 258552483 B
Java, Flash, Steam htmlcache => 128277021 B
Windows/system/drivers => 11453619 B
Edge => 2107984 B
Chrome => 1013509569 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2201526 B
NetworkService => 2905536 B
Petr => 12757761 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:10:38 ====
Ran by Petr (27-01-2020 17:08:48) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [{0EE5B550-E392-4A17-9959-DC28228C66D0}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{1CAEDFB8-569D-4194-A692-8288385A8B92}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{268193FC-7890-43F2-ACBE-09D4920C6397}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{18DE7964-791C-4B7A-BCF9-33C06C8882E9}] => (Allow) E:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}] => (Allow) G:\Hry\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{ECA6A176-7111-4C17-9487-D7348D754C7A}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe No File
FirewallRules: [{EFB40D5B-FADD-4194-9CBA-AED3251E1889}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}] => (Allow) G:\Hry\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe No File
FirewallRules: [{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe No File
FirewallRules: [{29C58D36-5793-4051-A303-B35430C5E46A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe No File
FirewallRules: [{41E959D7-A58E-4102-AF6F-53779B745C6A}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe No File
FirewallRules: [{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{A857AE94-4E41-4E11-961A-35CEA4BD6C22}] => (Allow) E:\Hry\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe No File
FirewallRules: [{C76976C9-FD17-4047-A92E-AFD028CE898A}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
FirewallRules: [{089759CA-B005-474B-965A-8F2E8B6B3636}] => (Allow) E:\Hry\Steam\steamapps\common\SS2\SS2.exe No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
Task: {CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-15] (Google Inc -> Google LLC)
C:\WINDOWS\LastGood.Tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-1247212818-2744187641-637679726-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
HKLM\Software\Classes\CLSID\{9B5F5829-A529-4B12-814A-E81BCB8D93FC} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0EE5B550-E392-4A17-9959-DC28228C66D0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CAEDFB8-569D-4194-A692-8288385A8B92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{268193FC-7890-43F2-ACBE-09D4920C6397}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18DE7964-791C-4B7A-BCF9-33C06C8882E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B58FA60-4BEE-49A3-9EBB-B94C65E043FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3B807C5-FB00-4A4A-B066-A577EAD94CB0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF2BE885-05AA-499C-8807-2BF66C8BEF7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECA6A176-7111-4C17-9487-D7348D754C7A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFB40D5B-FADD-4194-9CBA-AED3251E1889}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C568573-D8A7-4D95-AF2C-63ADD7114EBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC7D6AF6-F7A9-4712-8D7F-8876815C9F06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C70FFE1-CA61-47BC-8A16-EDEC6EB046C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29C58D36-5793-4051-A303-B35430C5E46A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41E959D7-A58E-4102-AF6F-53779B745C6A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C79399F8-4CC1-43BC-B8BE-0B90FA13CC21}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A857AE94-4E41-4E11-961A-35CEA4BD6C22}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C76976C9-FD17-4047-A92E-AFD028CE898A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{089759CA-B005-474B-965A-8F2E8B6B3636}" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC494FA-FC22-4C02-ACDC-DB1B0A1B2E5D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC2970DC-3C37-4B9D-83B7-3DEE08C70DA7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 258552483 B
Java, Flash, Steam htmlcache => 128277021 B
Windows/system/drivers => 11453619 B
Edge => 2107984 B
Chrome => 1013509569 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2201526 B
NetworkService => 2905536 B
Petr => 12757761 B
RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:10:38 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Smazáno, log je již OK. Co se týče čističů, tento neznám, požívám CCleaner: https://www.stahuj.cz/utility_a_ostatni ... /ccleaner/ a i zde jej doporučuji. čistič má možnost registry před čištěním zálohovat a případně obnovit, pokud by byl registry poškozen. Dlužno dodat, zatím jsem nikdy zálohu nebyl nucen použít.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu a vyčištění PC
Je CCleaner bezpečný? Z toho článku, na který jsem odkazoval to vypadalo, že moc ne.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Svého času byla jedna verze, která představovala bezpečnostní riziko (byla napadnutelná). To bylo asi před 2 roky. Další aktualizace tohoto programu byly záplatovány a již bezpečnostní riziko nepředstavují. Pokud nechcete, aby vám smazal něco, co byste mohl potřebovat, ponecte ho v defaultním nastavení, v němž maže dočasné soubory, koš, cache prohlížečů a v registry pouze tzv prázdné klíče a hodnoty. Nikdy jsem s ním neměl problém a to ho používám několik let.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu a vyčištění PC
Dobrá, moc děkuji za pomoc. 
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu a vyčištění PC
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?