Prosím o kontrolu PC, děkuji.

[lemonak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by Draeg (administrator) on DESKTOP-HONZA (Gigabyte Technology Co., Ltd. A320M-S2H) (13-12-2021 17:49:30)
Running from E:\Stažené soubory
Loaded Profiles: Draeg
Platform: Microsoft Windows 11 Pro Version 21H2 22000.318 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\DSDCS\InputMapper 1.7\HidGuardian\InputMapperCerberusWhitelister.exe
() <==== ATTENTION [zero byte File/Folder] C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373733.inf_amd64_a70fcd9f085a1b58\B373745\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373733.inf_amd64_a70fcd9f085a1b58\B373745\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Draeg\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) E:\Microsoft VS Code\Code.exe <14>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.2001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.2001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe
(OOO "XMAC" -> ) E:\HoneyGain\Honeygain.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.185.0.12\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.185.0.12\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Pango Inc. -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) E:\Steam\steam.exe
(ZONER software, a.s. -> ZONER software) C:\Users\Draeg\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [961824 2019-08-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [101284632 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Steam] => E:\Steam\steam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [EpicGamesLauncher] => E:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33585632 2021-12-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Draeg\AppData\Local\Microsoft\Teams\Update.exe [2459344 2021-12-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1807192 2021-11-23] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Draeg\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [814240 2021-11-11] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.93\Installer\chrmstp.exe [2021-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HoneygainUpdater.lnk [2021-06-02]
ShortcutTarget: HoneygainUpdater.lnk -> E:\HoneyGain\HoneygainUpdater.exe (OOO "XMAC" -> Honeygain)
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-04-07]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B49A01-85E4-4899-A777-4536400A8AF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {02F2409B-269D-402D-A240-401F8635C85E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-11-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {05D3EE42-5F32-4E86-90E4-74B5BB964AD2} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {254BDDD3-167E-4B2B-B3ED-B3D0628E8C8B} - System32\Tasks\AutoStartTask => C:\Users\Draeg\AppData\Local\DriverAssist\app-5.0.0-retail0017\DriverAssist.exe /Autostart (No File)
Task: {2C5FE631-7155-4343-A52A-7EFD0D7738AD} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4189840 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {3046D3E4-08ED-4E91-9B17-7A4C471FD9EF} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {3AD39A79-B07F-4A26-BECB-D6E082A5C5E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {417BE8E2-0AAD-4147-BEEE-5037CFC359CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {623E9AB2-11F8-4EAA-8C81-F8ADD93DBBE9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7275187B-A9D1-479A-A6B9-662392F82C4A} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {797E78AB-E220-4922-B6C5-9BE90D22E6CC} - System32\Tasks\Zoner.Updater.S-1-5-21-2893592886-4133754699-2489620301-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1602464 2021-07-09] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {7DD5F619-3492-4C0B-8972-7A35BB258BC0} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {97E66349-4A3A-4C45-BC89-171A9C9B073E} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A286E0D0-2D5B-4B73-83AF-D7821D354E94} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE08FBEE-02AD-4C3A-903E-187C7905814A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-11-23] (Overwolf Ltd -> Overwolf LTD)
Task: {BC362D43-5D52-447B-BB9B-F32E2AE12165} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2021-11-16] (Advanced Micro Devices, Inc.) [File not signed]
Task: {C0CD7972-E260-45E0-969D-332F5E51AF3D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2352488 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D04DE528-688B-4EE5-A399-A7189D0245FF} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.10.40\WSCStub.exe [646520 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {DC81F515-3543-4BF3-BB51-7815F5A4F631} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2020-12-04] () [File not signed]
Task: {E4302D83-8A16-4968-9A2B-6ABE40283EE0} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.10.40\SymErr.exe [108752 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E5756B3F-73F4-499E-B5E0-62937169EF24} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F01D8315-4CBA-4C99-AB79-53A14DFCADE5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-11-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F5CC1621-B5B8-4462-AB50-CB949F4AB376} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{01e84170-00bb-4287-a61e-bf149ab03eaf}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Draeg\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-11]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default [2021-12-13]
CHR DownloadDir: E:\Stažené soubory
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.omniboxes.com/?type=hp&ts=142409595 ... oogle.com/"
CHR Extension: (Prezentace) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-24]
CHR Extension: (Talend API Tester - Free Edition) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2021-11-08]
CHR Extension: (Dokumenty) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-24]
CHR Extension: (Disk Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-24]
CHR Extension: (JSON Formatter) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2021-10-26]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-10-26]
CHR Extension: (YouTube) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-24]
CHR Extension: (Watch2Gether) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-12-12]
CHR Extension: (Tampermonkey) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-04]
CHR Extension: (Anti Testportal) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgfbfopkfdfmlfdpmoanamopdnibhkl [2021-02-25]
CHR Extension: (Tabulky) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-24]
CHR Extension: (WebSocket Test Client) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgponpodhbmadfljofbimhhlengambbn [2021-12-13]
CHR Extension: (Norton Safe Web) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-01]
CHR Extension: (Hangouts Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-24]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
R2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10008216 2021-12-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-10-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-08] (HP Inc. -> HP Inc.)
R2 hshld_10.22.4; C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe [242776 2021-10-22] (Pango Inc. -> Pango Inc.)
R2 InputMapper Cerberus Whitelister; C:\Program Files (x86)\DSDCS\InputMapper 1.7\HidGuardian\InputMapperCerberusWhitelister.exe [15360 2020-01-10] () [File not signed]
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.10.40\NortonSecurity.exe [343336 2021-10-29] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.10.40\nsWscSvc.exe [1059176 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484056 2021-11-23] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2021-03-22] (Even Balance, Inc. -> )
S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1934744 2021-07-22] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5549632 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; E:\oracle\Virtual Box\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 wampapache64; E:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; E:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
S3 wampmysqld64; E:\wamp64\bin\mysql\mysql8.0.18\bin\mysqld.exe [48781920 2019-09-20] (Oracle America, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 AdobeUpdateService; "C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2021-07-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373733.inf_amd64_a70fcd9f085a1b58\B373745\amdkmdag.sys [80543792 2021-11-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20211211.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\ccSetx64.sys [192256 2021-10-29] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-12-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R3 hsstap; C:\WINDOWS\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20211212.061\IDSvia64.sys [1480144 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2021-01-02] (SoftEther Corporation -> SoftEther Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-12-11] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\nsvst.sys [56080 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 pango_netfilter2; C:\WINDOWS\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSP64.SYS [892600 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SRTSPX64.SYS [48824 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SYMEFASI64.SYS [2030792 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\SymELAM.sys [31984 2021-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\Ironx64.SYS [319152 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\symnets.sys [575344 2021-10-29] (Symantec Corporation -> Symantec Corporation)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\16150A0.028\wpCtrlDrv.sys [1015760 2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-12 23:03 - 2021-12-12 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-12-11 16:24 - 2021-12-11 16:24 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2893592886-4133754699-2489620301-1001
2021-12-11 11:29 - 2021-12-11 11:29 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignd4b8ca819dcaf240
2021-12-11 11:29 - 2021-12-11 11:29 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign627875649c7231f3
2021-12-11 11:29 - 2021-12-11 11:29 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign295c2d348c5368a2
2021-12-11 11:29 - 2021-12-11 11:29 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign0b3792c5888057c1
2021-12-11 11:17 - 2021-12-11 11:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign3ce674d826d60ac1
2021-12-11 10:23 - 2021-12-11 10:23 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignfd7742352c882535
2021-12-11 10:23 - 2021-12-11 10:23 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsigne81f2b08b331cfe8
2021-12-11 10:23 - 2021-12-11 10:23 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignbde0582a450bf8c2
2021-12-11 10:23 - 2021-12-11 10:23 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign941ff53abe63c91b
2021-12-11 10:22 - 2021-12-11 13:33 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Adobe
2021-12-11 10:11 - 2021-12-11 10:15 - 000000000 ____D C:\Program Files (x86)\hMailServer
2021-12-11 10:11 - 2021-12-11 10:11 - 000000000 ____D C:\Users\Draeg\AppData\Local\Halvar Information
2021-12-11 10:11 - 2021-12-11 10:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2021-12-11 10:11 - 2021-12-11 10:11 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-12-09 20:28 - 2021-12-09 20:28 - 000000000 ____D C:\Users\Draeg\AppData\LocalLow\Gaggle Studios INC
2021-12-09 20:26 - 2021-12-09 20:26 - 000000203 _____ C:\Users\Draeg\Desktop\Goose Goose Duck.url
2021-12-08 15:35 - 2021-12-08 15:35 - 002633676 _____ C:\WINDOWS\Minidump\120821-10234-01.dmp
2021-12-06 21:50 - 2021-12-06 21:50 - 002742484 _____ C:\WINDOWS\Minidump\120621-12437-01.dmp
2021-12-06 16:32 - 2021-12-06 16:32 - 000002402 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2021-12-06 16:32 - 2021-12-06 16:32 - 000002394 _____ C:\Users\Draeg\Desktop\Microsoft Teams (work or school).lnk
2021-12-05 19:34 - 2021-12-11 13:33 - 002845927 _____ C:\Users\Draeg\Documents\slevy-shopnet.psd
2021-12-05 16:34 - 2021-12-05 16:34 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign74e47fa15f46fa0c
2021-12-05 16:33 - 2021-12-05 16:33 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsigncc47ca0efdb82fc2
2021-12-05 16:19 - 2021-12-05 16:19 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign9a5dbde9468a8bc6
2021-12-05 16:19 - 2021-12-05 16:19 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign82d985cc1fe5170c
2021-12-05 16:17 - 2021-12-05 16:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign6b99ef86be5dda1a
2021-12-05 16:17 - 2021-12-05 16:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign5491fb59991580c6
2021-12-05 16:17 - 2021-12-05 16:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign17ea239da3f277a8
2021-12-05 12:26 - 2021-12-05 12:26 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign923601f313bcad10
2021-12-05 12:26 - 2021-12-05 12:26 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign6aa5247a606e42a5
2021-12-05 12:25 - 2021-12-05 12:25 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignc7df4a3a21589619
2021-12-05 12:25 - 2021-12-05 12:25 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign38c73b76a015a037
2021-12-05 12:17 - 2021-12-05 12:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsigncbbeb008e14a2487
2021-12-05 12:17 - 2021-12-05 12:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign97b1323da4c76491
2021-12-05 12:17 - 2021-12-05 12:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign8d1b98620be0e980
2021-12-05 12:17 - 2021-12-05 12:17 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign635bca1356738448
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignf405fd0afc530e9b
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignb427f4eef496a33e
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsignb0cc24169b93b8ba
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsigna987540ad10b2b1b
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign9479d10496d78c7d
2021-12-05 11:24 - 2021-12-05 11:24 - 000000000 ____D C:\Users\Draeg\AppData\Local\Tempzxpsign78729adefb48ba7d
2021-11-29 21:54 - 2021-11-30 15:16 - 000000616 _____ C:\Users\Draeg\Desktop\QuadcoreM2.lnk
2021-11-29 21:54 - 2021-11-29 21:54 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuadcoreM2
2021-11-27 12:18 - 2021-11-27 12:18 - 002812436 _____ C:\WINDOWS\Minidump\112721-11031-01.dmp
2021-11-26 17:10 - 2021-11-26 17:10 - 000074730 _____ C:\Users\Draeg\Documents\LO-2021-Diplom.pdf
2021-11-26 16:03 - 2021-11-26 16:03 - 000000000 ____D C:\Users\Draeg\AppData\Local\AMDIdentifyWindow
2021-11-26 16:01 - 2021-12-13 16:58 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-11-26 16:01 - 2021-12-13 16:58 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-11-26 16:01 - 2021-11-26 16:01 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-11-26 16:01 - 2021-11-26 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-11-26 16:00 - 2021-11-26 16:00 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-11-26 16:00 - 2021-11-26 16:00 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-11-26 16:00 - 2021-11-26 16:00 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2021-11-26 16:00 - 2021-11-26 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-11-26 16:00 - 2021-11-26 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-11-26 16:00 - 2021-11-17 02:48 - 000109504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2021-11-26 15:59 - 2021-11-26 16:02 - 000000000 ____D C:\ProgramData\AMD
2021-11-26 15:59 - 2021-11-17 00:39 - 002413080 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2021-11-26 15:57 - 2021-11-26 15:57 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\ATI
2021-11-26 15:57 - 2021-11-17 02:49 - 001875520 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 001875520 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 001450560 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 001450560 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 001115432 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 001115432 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000968600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000968600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000839720 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000788520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000665664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000548928 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000516136 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000492072 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000482864 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000410176 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000384552 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000335400 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-26 15:57 - 2021-11-17 02:49 - 000251944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000210984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000193088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000172608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000170024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000158240 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000149568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000134208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000132648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000082496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000067136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000038464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000035368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000019912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-26 15:57 - 2021-11-17 02:49 - 000019912 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 084027936 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 069085736 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 001839648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 001528360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 001386560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 001386560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000933424 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000760880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000460352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000458288 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-26 15:57 - 2021-11-17 02:48 - 000202680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000193432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000170232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000157344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000141888 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000130600 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000129064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000124960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000122920 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000105000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000104488 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000101416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-26 15:57 - 2021-11-17 02:48 - 000061992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 069800496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 001689376 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 001368224 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000548928 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000535544 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000412192 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000150072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000139728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000139728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000125592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000111064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-26 15:57 - 2021-11-17 02:47 - 000111056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-26 15:57 - 2021-11-17 00:20 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-26 15:57 - 2021-11-17 00:20 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-26 15:57 - 2021-11-17 00:18 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-11-26 15:57 - 2021-11-17 00:18 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-11-26 15:57 - 2021-11-17 00:18 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-11-26 15:57 - 2021-11-17 00:18 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-11-26 15:57 - 2021-11-17 00:12 - 058799224 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-26 15:57 - 2021-11-17 00:09 - 000563184 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-26 15:57 - 2021-11-17 00:09 - 000563184 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-26 15:57 - 2021-10-29 13:04 - 000586680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2021-11-26 15:57 - 2021-10-29 13:04 - 000147872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2021-11-26 15:57 - 2021-10-29 13:04 - 000025016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys
2021-11-26 15:57 - 2021-08-17 17:34 - 000065168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2021-11-26 15:57 - 2021-08-03 06:55 - 000246200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2021-11-26 15:57 - 2020-12-08 21:15 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-26 15:57 - 2020-12-02 07:56 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-26 15:57 - 2020-10-22 05:36 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-26 15:57 - 2020-08-05 08:50 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-26 15:57 - 2020-07-17 19:29 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-26 15:57 - 2020-05-22 16:23 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-26 15:57 - 2019-01-11 23:27 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-11-26 15:57 - 2016-09-02 16:24 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-11-26 15:57 - 2013-12-12 14:53 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-11-24 20:32 - 2021-11-24 20:32 - 000000000 ____D C:\Program Files\ViGEm HidGuardian
2021-11-24 20:16 - 2021-11-24 20:16 - 000002122 _____ C:\Users\Public\Desktop\InputMapper.lnk
2021-11-24 20:16 - 2021-11-24 20:16 - 000000000 ____D C:\Users\Draeg\AppData\Local\Geckofx
2021-11-24 20:16 - 2021-11-24 20:16 - 000000000 ____D C:\ProgramData\Caphyon
2021-11-24 20:16 - 2021-11-24 20:16 - 000000000 ____D C:\Program Files (x86)\DSDCS
2021-11-24 20:15 - 2021-11-24 20:23 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\InputMapper
2021-11-24 20:15 - 2021-11-24 20:15 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\DSDCS
2021-11-24 20:15 - 2021-11-24 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper 1.7
2021-11-23 22:31 - 2021-11-23 22:31 - 000119296 _____ C:\WINDOWS\SysWOW64\zlib.dll
2021-11-23 22:31 - 2021-11-23 22:31 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\PowerUp Software
2021-11-23 22:31 - 2021-11-23 22:31 - 000000000 ____D C:\ProgramData\PowerUp Software
2021-11-23 22:31 - 2016-01-03 11:32 - 001227264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dx8vb.dll
2021-11-23 22:31 - 2016-01-03 11:32 - 000057344 _____ () C:\WINDOWS\SysWOW64\ADsSecurity.dll
2021-11-23 22:31 - 2016-01-03 11:32 - 000045056 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\SSubTmr6.dll
2021-11-23 22:31 - 2016-01-03 11:32 - 000045056 _____ (Microsoft) C:\WINDOWS\SysWOW64\NTSVC.ocx
2021-11-23 22:31 - 2001-04-05 05:43 - 000094208 ___RS (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll
2021-11-23 22:31 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2021-11-23 22:22 - 2021-11-23 22:22 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2021-11-23 22:22 - 2021-11-23 22:22 - 000000000 ____D C:\Program Files\dotnet
2021-11-19 12:57 - 2021-11-19 12:57 - 000000000 ___HD C:\$WinREAgent
2021-11-17 09:33 - 2021-12-09 15:46 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7d68632ff0254
2021-11-15 20:36 - 2021-11-15 20:36 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Valve Corporation
2021-11-14 22:16 - 2021-12-08 15:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-14 22:16 - 2021-11-14 22:16 - 001997932 _____ C:\WINDOWS\Minidump\111421-10468-01.dmp
2021-11-13 09:37 - 2021-12-12 11:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2021-11-13 09:37 - 2021-11-13 09:37 - 000003378 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2021-11-13 09:37 - 2021-11-13 09:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-13 17:49 - 2021-10-26 09:02 - 000000000 ____D C:\FRST
2021-12-13 17:49 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2021-12-13 17:44 - 2020-12-24 22:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-13 17:35 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-13 17:03 - 2021-09-28 18:41 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Code
2021-12-13 17:02 - 2021-09-28 18:41 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-12-13 15:39 - 2020-12-24 22:50 - 000000000 ____D C:\Users\Draeg\AppData\Local\D3DSCache
2021-12-13 15:35 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-13 15:35 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-13 15:22 - 2021-01-29 20:08 - 000002321 _____ C:\Users\Draeg\Desktop\Porofessor.gg.lnk
2021-12-13 15:22 - 2021-01-29 20:05 - 000000000 ____D C:\Users\Draeg\AppData\Local\Overwolf
2021-12-13 15:22 - 2020-12-24 23:55 - 000000000 ___RD C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova
2021-12-13 15:22 - 2020-12-24 22:33 - 000000000 ___RD C:\Users\Draeg\OneDrive
2021-12-12 23:03 - 2020-12-25 00:30 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\discord
2021-12-12 23:01 - 2020-12-25 00:30 - 000000000 ____D C:\Users\Draeg\AppData\Local\Discord
2021-12-12 17:00 - 2020-12-25 00:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-12-11 13:33 - 2021-01-28 18:48 - 000000000 ____D C:\Users\Draeg\AppData\LocalLow\Adobe
2021-12-11 13:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-11 11:29 - 2021-01-28 18:48 - 000000033 _____ C:\Users\Draeg\AppData\Roaming\AdobeWLCMCache.dat
2021-12-11 08:11 - 2021-11-10 23:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-11 08:11 - 2020-09-27 08:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-11 08:11 - 2020-09-27 08:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-10 21:01 - 2020-12-24 23:53 - 000000000 ____D C:\Users\Draeg\AppData\Local\AMD_Common
2021-12-10 14:06 - 2020-12-25 00:21 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-09 20:26 - 2021-06-16 07:00 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-12-09 16:26 - 2020-12-24 23:06 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-09 16:26 - 2020-12-24 23:06 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-12-09 15:46 - 2021-11-10 23:56 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-08 23:12 - 2021-11-10 23:27 - 000000000 ____D C:\Users\Draeg
2021-12-08 18:09 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\Registration
2021-12-08 15:42 - 2021-11-11 00:04 - 001714894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-08 15:42 - 2021-06-05 18:22 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-08 15:42 - 2021-06-05 18:22 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-08 15:36 - 2020-12-24 22:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\Packages
2021-12-08 15:36 - 2020-09-27 08:59 - 000000000 ____D C:\ProgramData\Packages
2021-12-08 15:35 - 2021-11-10 23:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-08 15:35 - 2021-10-21 18:52 - 1447440555 _____ C:\WINDOWS\MEMORY.DMP
2021-12-08 15:35 - 2020-09-27 06:55 - 000012288 ___SH C:\DumpStack.log.tmp
2021-12-07 22:27 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-07 16:22 - 2020-12-25 13:41 - 002229736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-07 16:22 - 2020-12-25 13:41 - 000332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-07 16:22 - 2020-12-25 13:41 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-07 16:22 - 2020-12-25 13:41 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-07 16:22 - 2020-12-25 13:41 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-07 16:22 - 2020-12-25 13:41 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-12-06 21:50 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-12-05 22:03 - 2020-12-25 00:36 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\TS3Client
2021-12-05 19:33 - 2020-12-27 15:28 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\.minecraft
2021-12-05 10:53 - 2020-12-24 22:34 - 000000000 ____D C:\Users\Draeg\AppData\Local\PlaceholderTileLogoFolder
2021-12-02 18:58 - 2021-01-29 20:07 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-11-30 19:20 - 2021-11-10 23:56 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2893592886-4133754699-2489620301-1001
2021-11-30 19:20 - 2020-12-24 22:30 - 000002381 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-27 18:28 - 2020-12-25 11:21 - 000000000 ____D C:\Users\Draeg\.VirtualBox
2021-11-27 18:24 - 2020-12-25 11:21 - 000000000 ____D C:\ProgramData\VirtualBox
2021-11-27 18:19 - 2021-02-25 22:22 - 000000000 ____D C:\Users\Draeg\VirtualBox VMs
2021-11-27 10:05 - 2021-01-13 12:59 - 000000000 ____D C:\Users\Draeg\AppData\Local\CrashDumps
2021-11-27 09:24 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-27 08:32 - 2020-12-24 23:52 - 000000000 ____D C:\Users\Draeg\AppData\Local\AMD
2021-11-26 16:01 - 2020-12-24 23:01 - 000000000 ____D C:\Users\Draeg\AppData\LocalLow\AMD
2021-11-26 16:00 - 2021-11-10 23:26 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-11-26 16:00 - 2020-12-24 23:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-26 16:00 - 2020-12-24 22:56 - 000000000 ____D C:\Program Files\AMD
2021-11-26 15:58 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-26 15:57 - 2020-12-24 23:28 - 000000000 ____D C:\AMD
2021-11-25 16:00 - 2020-12-25 12:02 - 000000000 ____D C:\ProgramData\Zoner
2021-11-24 22:49 - 2020-12-24 22:56 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-11-24 22:37 - 2021-11-10 23:54 - 000565008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-24 22:18 - 2020-12-24 22:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\ConnectedDevicesPlatform
2021-11-23 22:35 - 2021-01-29 20:08 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-11-23 22:31 - 2020-12-24 23:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-11-22 16:30 - 2021-11-10 22:52 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-20 15:30 - 2021-02-12 17:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-17 12:33 - 2021-11-03 22:26 - 000000000 ____D C:\Users\Draeg\Cisco Packet Tracer 8.0.1
2021-11-17 12:33 - 2021-01-08 11:24 - 000000428 _____ C:\Users\Draeg\.packettracer
2021-11-15 20:34 - 2020-12-25 00:37 - 000000000 ___RD C:\Users\Draeg\Desktop\Honza
2021-11-13 18:08 - 2020-12-25 12:04 - 000001563 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2021-11-13 18:08 - 2020-12-25 12:04 - 000001561 _____ C:\Users\Draeg\Desktop\Zoner Photo Studio X.lnk
2021-11-13 10:02 - 2020-12-25 00:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-11-13 09:37 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-13 09:37 - 2020-12-24 23:23 - 000002429 _____ C:\Users\Public\Desktop\Norton Security.lnk
2021-11-13 09:37 - 2020-12-24 23:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2021-11-13 09:10 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2021-01-28 18:48 - 2021-12-11 11:29 - 000000033 _____ () C:\Users\Draeg\AppData\Roaming\AdobeWLCMCache.dat
2021-01-20 08:24 - 2021-01-20 08:24 - 000000110 _____ () C:\Users\Draeg\AppData\Roaming\debug.log
2021-01-31 09:52 - 2021-05-20 10:21 - 000007380 _____ () C:\Users\Draeg\AppData\Local\oobelibMkey.log
2021-09-21 20:03 - 2021-09-21 20:03 - 000000715 _____ () C:\Users\Draeg\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by Draeg (13-12-2021 17:50:19)
Running from E:\Stažené soubory
Microsoft Windows 11 Pro Version 21H2 22000.318 (X64) (2021-11-10 23:01:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2893592886-4133754699-2489620301-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2893592886-4133754699-2489620301-503 - Limited - Disabled)
Draeg (S-1-5-21-2893592886-4133754699-2489620301-1001 - Administrator - Enabled) => C:\Users\Draeg
Guest (S-1-5-21-2893592886-4133754699-2489620301-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2893592886-4133754699-2489620301-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.11.3 - Advanced Micro Devices, Inc.)
Anaconda3 2021.05 (Python 3.8.8 64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Anaconda3 2021.05 (Python 3.8.8 64-bit)) (Version: 2021.05 - Anaconda, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Cisco Packet Tracer 8.0 64Bit (HKLM\...\Cisco Packet Tracer 8.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Cisco Packet Tracer 8.0.1 64Bit (HKLM\...\Cisco Packet Tracer 8.0.1 64Bit_is1) (Version: - Cisco Systems, Inc.)
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
Discord (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.171.5063 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d3e84f4a-a180-492d-985f-40cdbc8681a1}) (Version: 12.0.171.5063 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.93 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Honeygain (HKLM-x32\...\{C1922E93-B15E-460D-9C01-53E71109C2C6}) (Version: 0.10.2.0 - Honeygain)
Hotspot Shield 10.22.4 (HKLM-x32\...\{4de134ec-1612-4548-bed4-35bf05f8cfe2}) (Version: 10.22.4.12022 - Pango Inc.)
Hotspot Shield 10.22.4 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925F287F119}) (Version: 10.22.4.12022 - Pango Inc.) Hidden
Hotspot Shield 10.22.4 (HKLM-x32\...\HotspotShield) (Version: 10.22.4 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
InputMapper 1.7 (HKLM-x32\...\{E42A4987-1F86-4E8F-A708-60CAAC1E3DA7}) (Version: 1.7.7452.13622 - DSDCS) Hidden
InputMapper 1.7 (HKLM-x32\...\InputMapper 1.7 1.7.7452.13622) (Version: 1.7.7452.13622 - DSDCS)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.53 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.53 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Teams) (Version: 1.4.00.31569 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.10.40 - NortonLifeLock Inc)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.10 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.91.46291 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.185.0.12 - Overwolf Ltd.)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1341 - Microsoft Corporation)
Porofessor.gg (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.95 - Overwolf app)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.9.6 (64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{178e8fd0-1b1d-4cdf-8e5c-f5f53d25e0e4}) (Version: 3.9.6150.0 - Python Software Foundation)
Python 3.9.6 Core Interpreter (64-bit) (HKLM\...\{C4B7FF79-1195-436F-AA85-28EE995151B7}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Development Libraries (64-bit) (HKLM\...\{D6580352-5B95-49A9-B2F3-313D12D13968}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Documentation (64-bit) (HKLM\...\{2994270E-FE74-49E5-98BB-E65F5F0EC304}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Executables (64-bit) (HKLM\...\{9BE9E7F0-F9F1-487B-A2FC-790CD2898388}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 pip Bootstrap (64-bit) (HKLM\...\{69BCB7EC-54AF-47F2-A891-D335CE44A530}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Standard Library (64-bit) (HKLM\...\{4DD10049-CC97-48AE-BE76-4CB6E3111F7B}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Tcl/Tk Support (64-bit) (HKLM\...\{7C56D977-225C-4EBA-8308-E47DF9FA867F}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Test Suite (64-bit) (HKLM\...\{5C5B7907-C4E8-4E09-8CD6-3E844C7D65E2}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Utility Scripts (64-bit) (HKLM\...\{511119D2-41C4-48E1-A3DA-0A6A1E68AC76}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3CC89AD9-6FF2-40BE-ADF4-8ADDD3030FCE}) (Version: 3.9.7483.0 - Python Software Foundation)
Quest Software Toad Data Modeler Freeware 2.25 (HKLM-x32\...\Quest Software Toad Data Modeler Freeware 2.25_is1) (Version: - Quest Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8773.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{EA8C6C72-2CEE-4568-8CFA-F4B8C362C022}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vzum (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.38 - Vzum)
Wampserver64 3.2.0 (HKLM\...\{wampserver64}_is1) (Version: 3.2.0 - Dominique Ottello aka Otomatic)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wireshark 3.4.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\ZPS X) (Version: 19.2109.2.352 - ZONER software)

Packages:
=========
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation)
Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.414.967.0_x64__8wekyb3d8bbwe [2021-12-04] (Microsoft Studios)
Forza Horizon 5 Expansion 1 -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-26] (Microsoft Studios)
Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-26] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-13] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.57.43142.0_x64__8wekyb3d8bbwe [2021-11-20] (Microsoft Corporation) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.4.188.0_x64__dt26b99r8h8gj [2020-12-24] (Realtek Semiconductor Corp)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.106.3544.2_x64__8wekyb3d8bbwe [2021-12-06] (ms-resource:PublisherDisplayName)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0 [2021-12-11] (Spotify AB) [Startup Task]
Telly TV -> C:\Program Files\WindowsApps\4NET.TV.DIGI2GO_1.1.6.0_x64__2epghj4njp6fy [2021-01-23] (4NET.TV)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{04271989-C4D2-4FF5-359E-7F768727B0C6} -> [OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova] => C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova [2020-12-24 23:55]
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21229.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.10.40\NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.10.40\NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.10.40\buShell.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.10.40\NavShExt.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2893592886-4133754699-2489620301-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\anaconda\Scripts\activate.bat E:\anaconda

==================== Loaded Modules (Whitelisted) =============

2021-04-21 03:01 - 2021-04-21 03:01 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-11-20 08:23 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] E:\Steam\bin\cef\cef.win7x64\libcef.dll
2021-11-20 08:23 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] E:\Steam\bin\cef\cef.win7x64\libegl.dll
2021-11-20 08:23 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] E:\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000562688 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000058880 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2020-12-25 01:04 - 2020-12-25 01:04 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-12-25 01:04 - 2020-12-25 01:04 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-11-20 08:23 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] E:\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\origin\LIBEAY32.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\origin\ssleay32.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\origin\platforms\qwindows.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Core.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Gui.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Network.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5WebSockets.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Widgets.dll
2021-01-29 19:07 - 2021-01-13 14:18 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Xml.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:01 - 2021-04-21 03:01 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2021-12-09 20:02 - 2021-12-09 20:02 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.10.40\coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.10.40\coIEPlg.dll [2021-10-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\sharepoint.com -> hxxps://eskola-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2020-12-25 12:14 - 000000039 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Připojení k místní síti: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Připojení k místní síti: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "electron.app.Honey Miner"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF5B1F30-F0DC-4949-9A0A-425128464B48}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9135B17-2D2B-4BF8-B001-CCFE5642B6F1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7915891-C99B-4086-9A18-E5A4ACC385C9}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{AF0D3F48-306F-4C53-9C3A-0F0F84D0821A}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{F696734C-8A40-4807-9E3A-9AE5CC79779D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{942D62ED-92B6-40C4-ABBC-1CDE66984410}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{45111B9F-D6D0-47B8-ABB8-6E8AD53BE625}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{81A51F57-493D-46E3-9D14-6A5C30D987C2}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{014AE090-6ECB-45B2-B151-13C8E2F930B1}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{F1F7682C-675B-41C8-8AAD-9DB00CBF31FB}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{EFBACA34-F7A1-4822-954B-E8CA986E602D}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{EF9504C1-CC1F-4460-94DC-1CFD979BDA8F}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{D5C8311D-1671-4395-BBC2-58B580DD0442}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{9E5DCF8E-193C-4302-A802-43CCC87F09A7}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2FA5BB3E-0633-47D4-AE80-8EB0C1796C88}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{54F649E5-948A-42FF-B328-A3E9DD76DB0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1DAD2631-B15E-4D40-9007-DB544DC4979C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{34E249B1-D8CF-414D-8E91-05DE7B44EC9B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{809F83AB-4D26-4A4C-8A09-476AB28CC1E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{8D59CBD9-2718-4D22-88E6-0510686D4465}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{E05E572F-4218-43AA-9D43-D7D39C1E980E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{E6323F55-855F-4D22-AA6E-4B983BEE74B3}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8137D1EB-C72E-4366-975B-DEB43C7FD01C}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FF558230-5D62-4F98-A35F-7AB0029D50AC}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{D49A019F-2BD0-40C0-8AF0-3F415E2C1FA6}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{D5651ECA-3978-43E1-97DC-8531CFA7DEDF}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9F4BC991-69AE-47B7-BD36-A123C383E16D}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{498FABEE-2903-4791-A288-B2483BA54951}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{931FD824-1193-4640-9031-A0AAB32B9DBF}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{C5A72D48-42F2-4142-BCDE-08C47DC7A684}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{AB7CE6E2-DA04-416A-BBC6-6587895A9067}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [UDP Query User{D29A3B5D-9CDD-41E1-B3AA-8E1D69E20D37}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{64C85F5C-4424-48D0-B97A-29C6E3031580}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{A7A89DC4-3D6F-44A1-96DE-FFDE56C92B9A}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{812E963D-F288-4D0C-A1CA-B183E9049DAD}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{73C2C48B-808A-4E41-8187-64CA631164F6}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E17B764B-F9AD-4A05-987C-19EFC6E142DE}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{50821D0C-0447-48CB-A305-D85745520898}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{84BBAACE-28A3-4ECC-BBE5-15BF34A07BB3}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{3E17CF80-0AA3-4FE8-913A-AE1A4C7EBDB2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{760ECFED-30C9-49BD-9630-AAA043E016AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC27C5D5-81BE-4E45-898A-2FD0996D71D7}] => (Allow) E:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{762E22DE-3C23-45B0-ADDA-AE582D217DA3}] => (Allow) E:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{190A3C4F-3582-4A7C-88ED-B5C115F7BF0E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0E07D406-2790-4FCE-BE35-BBE2F0A18741}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{171AAB2A-3677-49F3-9DDE-8343814E29B8}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BF9118CE-1245-4EBC-AE3D-5087ED404D0A}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{1FC11151-CD0C-429A-BD83-51C69870E391}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{19038D82-F65C-42AE-A395-96C030B9DBB9}] => (Allow) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{292B60A3-69C3-4141-9292-F46C4D2A5E3C}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2301F837-EED2-4B04-997A-E8821AD0D8AD}] => (Block) C:\Program Files (x86)\Overwolf\0.185.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{595DB1C6-9AE5-41FD-84EB-FA1A9BAEEFE2}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{7352DA34-6F5B-46E5-93CF-3AAD82BDBADF}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{EFDDBDC6-A0AF-4D23-BBA8-8A7BB97DC741}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{D3DA234C-A01D-429E-AD1D-BD5627DEF110}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{A78A6694-CC5D-4C94-AF61-57B6308FB6D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8798ACF-AFD1-4680-975C-85A0E72A8150}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E3FA2B4-54A9-4FF6-9DB5-2E6045AE5CF7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6EC22A37-5259-4E8F-8397-FEF90CBB80F5}] => (Allow) E:\Steam\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc -> )
FirewallRules: [{D41BE946-94A0-4942-BBEC-3F59E10E2E3C}] => (Allow) E:\Steam\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc -> )
FirewallRules: [{72F8CEBF-D1A1-4A40-B759-4DE45221C855}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC05F66F-8093-4AC9-AB75-28CA2C0DF50B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC9808E4-3A0C-445C-87C0-5B2F90BA2FFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7C9FE52D-9CA2-4108-B66E-E2E4758F18CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84DDF9FE-CFE5-4BCE-97F9-A6763DAB8270}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{99F130E4-D1D9-4F23-88DF-D85469B56C51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03B486DC-5A04-4573-B9BE-0C0AA21E5A0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EF6B9F62-8648-4B9E-A702-88EE71D98B9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.174.631.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C415DA7E-4D53-4022-95D9-6EEF8709C418}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E647379-4BD1-4D69-87E2-3072CA189477}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF980A3A-4895-47B5-BF7C-C353C40ACB2C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{974BD7AC-6876-4E50-A0C1-E936B17E46A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A9FD5D9-D166-419E-8468-7CB1B79741CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.15 GB) (Free:29.82 GB) (27%)

==================== Faulty Device Manager Devices ============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther Corporation
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/12/2021 10:26:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-HONZA)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, která vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace.

Error: (12/12/2021 10:26:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-HONZA)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.

Error: (12/12/2021 10:26:34 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-HONZA)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, která vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace.

Error: (12/12/2021 10:26:34 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-HONZA)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.

Error: (12/12/2021 10:23:29 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-HONZA)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, která vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace.

Error: (12/12/2021 10:23:29 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-HONZA)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.

Error: (12/12/2021 10:23:27 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-HONZA)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, která vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace.

Error: (12/12/2021 10:23:27 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-HONZA)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.


System errors:
=============
Error: (12/13/2021 03:22:08 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{0208B5F8-5C6C-4C2A-9146-EEC23075B527}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (12/13/2021 03:22:08 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{01E84170-00BB-4287-A61E-BF149AB03EAF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2021 11:03:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HONZA)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-12-13 15:22:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files\Norton Security\Engine\22.21.10.40\symamsi.dll that did not meet the Windows signing level requirements. ਍


==================== Memory info ===========================

BIOS: American Megatrends Inc. F52 08/03/2020
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 2600X Six-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 16335.21 MB
Available physical RAM: 8320.98 MB
Total Virtual: 19279.21 MB
Available Virtual: 5329.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.15 GB) (Free:29.82 GB) NTFS
Drive d: (škola) (Fixed) (Total:37.27 GB) (Free:33.22 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:931.4 GB) (Free:242.86 GB) NTFS

\\?\Volume{720b0721-b665-474f-b2cf-921973e0af9a}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5b2cb1e-107e-a4ea-1b52-3ed1d603aec9}\ () (Fixed) (Total:101.92 GB) (Free:0 GB) NTFS
\\?\Volume{2c8d4a56-5754-8dc0-bdb2-51d4222273ae}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{5a1847b4-f61e-e681-1673-885e9dc9b270}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{126f0fba-3125-46dd-b0d9-efcbe18e62db}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 37.3 GB) (Disk ID: A49DC55B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 54B26478)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {254BDDD3-167E-4B2B-B3ED-B3D0628E8C8B} - System32\Tasks\AutoStartTask => C:\Users\Draeg\AppData\Local\DriverAssist\app-5.0.0-retail0017\DriverAssist.exe /Autostart (No File)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [{190A3C4F-3582-4A7C-88ED-B5C115F7BF0E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0E07D406-2790-4FCE-BE35-BBE2F0A18741}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{171AAB2A-3677-49F3-9DDE-8343814E29B8}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BF9118CE-1245-4EBC-AE3D-5087ED404D0A}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File

EmptyTemp:
End

Uložte do E:\Stažené soubory plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.