Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by PDsystems (administrator) on DESKTOP-R45PQ2U (MSI MS-7996) (10-10-2023 18:58:38)
Running from C:\Users\PDsystems\Downloads\FRST64.exe
Loaded Profiles: PDsystems
Platform: Microsoft Windows 11 Home Version 21H2 22000.2416 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.2355_none_828ef538fef166f8\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_12a8d6d742c436e2\RtkAudUService64.exe [1211184 2020-12-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\Run: [MicrosoftEdgeAutoLaunch_B5AA4C3654BF3976353484844FDFE401] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {BD7FD238-49CD-46FC-8DCB-F764B8CC2196} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6A8C525E-73EA-45E5-8478-A7DB5EBD6C6B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B533B6CE-7ACE-4F19-8863-F7C8091AB917} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {F64B6874-3B48-4627-AB73-98AA5B3A40FE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [177941912 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {5C5AD2DA-09BD-4659-9F62-D0D75E9D7142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C36C1CEE-0031-4AB6-92FF-B6CF99641B99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39BBA4F5-18C7-4F17-B120-7F2C96CCAB6E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F6EF8E04-B8AC-4C31-BA57-2820D2956591} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F2DD9FC-A277-420A-BC16-5C1967D2CCAC} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{69cd67ae-3379-4ef2-ba73-22b98ef0eabf}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{c8dc9cce-4343-469d-b252-74e901653c5d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d1f7847a-d553-49a5-8cb8-d7bb462f93b2}: [DhcpNameServer] 192.168.228.40
Tcpip\..\Interfaces\{f588718d-9f79-40c9-a752-c210ad66dbd3}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PDsystems\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-10]
Edge Extension: (Dokumenty Google offline) - C:\Users\PDsystems\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-08]
Edge Extension: (Edge relevant text changes) - C:\Users\PDsystems\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\amdkmdag.sys [106388000 2023-09-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 athur; C:\Windows\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R1 HWiNFO_172; C:\Windows\system32\drivers\HWiNFO64A_172.SYS [56888 2023-03-24] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm))
R3 MpKsl86ae55ea; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{479B2B1B-FB60-426A-B8C4-00F57DB0871A}\MpKslDrv.sys [263560 2023-10-10] (Microsoft Windows -> Microsoft Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [103656 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [572712 2023-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-08] (Microsoft Windows -> Microsoft Corporation)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\nvlddmkm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-10 18:58 - 2023-10-10 18:59 - 000011527 _____ C:\Users\PDsystems\Downloads\FRST.txt
2023-10-10 18:58 - 2023-10-10 18:58 - 000000000 ____D C:\FRST
2023-10-10 18:56 - 2023-10-10 18:57 - 002383360 _____ (Farbar) C:\Users\PDsystems\Downloads\Nepotvrzeno 79073.crdownload
2023-10-10 18:56 - 2023-10-10 18:57 - 002383360 _____ (Farbar) C:\Users\PDsystems\Downloads\FRST64.exe
2023-10-10 18:54 - 2023-10-10 18:54 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-10-10 18:54 - 2023-10-10 18:54 - 000003118 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-10-08 14:57 - 2023-10-08 15:13 - 000000000 ____D C:\MSI
2023-10-08 14:47 - 2023-10-08 14:47 - 000000000 ____D C:\Users\PDsystems\AppData\Local\EpicOnlineServicesUIHelper
2023-10-01 19:47 - 2023-10-08 14:46 - 000000000 ____D C:\Users\PDsystems\Documents\Rockstar Games
2023-10-01 19:47 - 2023-10-01 19:58 - 000000000 ____D C:\Users\PDsystems\AppData\Local\Rockstar Games
2023-10-01 19:47 - 2023-10-01 19:47 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2023-10-01 19:47 - 2023-10-01 19:47 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-10-01 19:47 - 2023-10-01 19:47 - 000000000 ____D C:\Program Files\MSBuild
2023-10-01 19:47 - 2023-10-01 19:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-10-01 19:47 - 2023-10-01 19:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-10-01 19:46 - 2023-10-08 14:46 - 000000000 ____D C:\Users\PDsystems\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2023-10-01 19:44 - 2023-10-08 14:46 - 000000000 ____D C:\ProgramData\Rockstar Games
2023-10-01 19:44 - 2023-10-08 14:46 - 000000000 ____D C:\Program Files\Rockstar Games
2023-10-01 19:44 - 2023-10-08 14:46 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2023-09-30 19:39 - 2023-09-30 19:39 - 000003388 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2930814660-1282691726-3213042862-1001
2023-09-30 19:39 - 2023-09-30 19:39 - 000002393 _____ C:\Users\PDsystems\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-29 18:32 - 2023-09-29 18:32 - 000000000 ____D C:\Users\PDsystems\AppData\Local\Epic Games
2023-09-29 18:31 - 2023-10-08 14:48 - 000000000 ____D C:\ProgramData\Epic
2023-09-29 18:06 - 2021-12-10 23:33 - 011031040 _____ C:\Windows\SysWOW64\steamclient64.dll
2023-09-29 18:06 - 2021-12-10 23:33 - 011031040 _____ C:\Windows\system32\steamclient64.dll
2023-09-29 18:06 - 2021-12-10 23:33 - 000398232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xrnm.dll
2023-09-29 18:06 - 2021-12-10 23:33 - 000398232 _____ (Microsoft Corporation) C:\Windows\system32\xrnm.dll
2023-09-29 18:06 - 2021-12-10 23:33 - 000003260 _____ C:\Windows\SysWOW64\hlm.ini
2023-09-29 18:06 - 2021-12-10 23:33 - 000003260 _____ C:\Windows\system32\hlm.ini
2023-09-27 21:04 - 2023-09-27 21:04 - 000000000 ____D C:\Users\PDsystems\AppData\Local\PunkBuster
2023-09-27 20:14 - 2023-09-27 20:14 - 000000000 ____D C:\Users\PDsystems\AppData\Local\HaloInfinite
2023-09-27 19:45 - 2023-09-27 19:45 - 000000000 ____D C:\Users\Public\Documents\Steam
2023-09-27 19:43 - 2023-09-27 21:11 - 000000000 ____D C:\Users\PDsystems\AppData\Local\GHISLER
2023-09-27 19:42 - 2023-09-27 19:43 - 000001064 _____ C:\Users\PDsystems\Desktop\Total Commander.lnk
2023-09-27 19:42 - 2023-09-27 19:43 - 000000000 ____D C:\Program Files\totalcmd
2023-09-27 19:42 - 2023-09-27 19:42 - 000000000 ____D C:\Users\PDsystems\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2023-09-27 19:42 - 2023-09-27 19:42 - 000000000 ____D C:\Users\PDsystems\AppData\Roaming\GHISLER
2023-09-27 19:22 - 2023-10-08 14:49 - 000001999 _____ C:\Users\PDsystems\Desktop\FPS Monitor.lnk
2023-09-24 16:33 - 2023-09-24 16:33 - 000000000 ____D C:\Users\PDsystems\AppData\LocalLow\AMD
2023-09-24 16:26 - 2023-09-24 16:26 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-09-24 16:26 - 2023-09-24 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-09-24 16:26 - 2023-09-12 05:33 - 002967432 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2023-09-24 16:09 - 2023-09-20 17:58 - 000856712 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-24 16:09 - 2023-09-20 17:58 - 000856712 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-24 16:09 - 2023-09-20 17:58 - 000737424 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-24 16:09 - 2023-09-20 17:58 - 000737424 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-24 16:09 - 2023-09-20 17:58 - 000682144 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000682144 _____ C:\Windows\system32\vulkan-1.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000667736 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000667736 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000548896 _____ C:\Windows\system32\libsmi_guest.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000524320 _____ C:\Windows\system32\libsmi_host.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000207496 _____ C:\Windows\system32\mantle64.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000186512 _____ C:\Windows\system32\mantleaxl64.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000165408 _____ C:\Windows\SysWOW64\mantle32.dll
2023-09-24 16:09 - 2023-09-20 17:58 - 000149128 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 002099744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 001617336 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 001617336 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000975392 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-09-24 16:09 - 2023-09-20 17:57 - 000607776 _____ C:\Windows\system32\GameManager64.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000537120 _____ C:\Windows\system32\atieah64.exe
2023-09-24 16:09 - 2023-09-20 17:57 - 000503952 _____ C:\Windows\system32\EEURestart.exe
2023-09-24 16:09 - 2023-09-20 17:57 - 000473120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000462368 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000405944 _____ C:\Windows\SysWOW64\atieah32.exe
2023-09-24 16:09 - 2023-09-20 17:57 - 000266792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000228896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000210768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000196128 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000184464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000174584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-09-24 16:09 - 2023-09-20 17:57 - 000148616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 011757048 _____ C:\Windows\system32\amdsmi.exe
2023-09-24 16:09 - 2023-09-20 17:56 - 002245256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 001338504 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 001059256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000943656 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000771000 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000142368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000138888 _____ C:\Windows\system32\amdxc64.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000118304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000114720 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-09-24 16:09 - 2023-09-20 17:56 - 000074680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 105409976 _____ C:\Windows\system32\amd_comgr.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 088606240 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 004384696 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 004189728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000801312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000678328 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000569784 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000542752 _____ C:\Windows\system32\dgtrayicon.exe
2023-09-24 16:09 - 2023-09-20 17:55 - 000524832 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000471176 _____ C:\Windows\system32\amdlogum.exe
2023-09-24 16:09 - 2023-09-20 17:55 - 000433592 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000390584 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000337776 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendr.stz
2023-09-24 16:09 - 2023-09-20 17:55 - 000232312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000187480 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000167160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000158672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000138232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000132408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000103048 _____ C:\Windows\system32\clinfo.exe
2023-09-24 16:09 - 2023-09-20 17:55 - 000056280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrmgr.stz
2023-09-24 16:09 - 2023-09-20 17:55 - 000051232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-09-24 16:09 - 2023-09-20 17:55 - 000048160 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 019433912 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 001725560 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 001400128 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000572064 _____ C:\Windows\system32\amdmiracast.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000177704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000176568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000167168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000152144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000145336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2023-09-24 16:09 - 2023-09-20 17:54 - 000138240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-09-24 16:09 - 2023-09-20 17:21 - 109628240 _____ C:\Windows\system32\amdxc64.so
2023-09-13 17:36 - 2023-09-13 17:37 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-10 18:57 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemTemp
2023-10-10 18:54 - 2023-03-15 19:13 - 000000000 ____D C:\Intel
2023-10-10 18:54 - 2023-03-01 14:18 - 000012288 ___SH C:\DumpStack.log.tmp
2023-10-10 18:54 - 2023-03-01 14:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-10 18:54 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-10 18:52 - 2023-03-01 14:38 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-10-10 18:52 - 2021-06-05 14:01 - 000262144 _____ C:\Windows\system32\config\BBI
2023-10-10 18:35 - 2023-03-01 14:24 - 001714894 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-10 18:35 - 2021-06-05 19:20 - 000724600 _____ C:\Windows\system32\perfh005.dat
2023-10-10 18:35 - 2021-06-05 19:20 - 000150562 _____ C:\Windows\system32\perfc005.dat
2023-10-10 18:35 - 2021-06-05 14:09 - 000000000 ____D C:\Windows\INF
2023-10-10 18:30 - 2023-03-01 14:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-08 15:36 - 2023-09-09 11:00 - 000000000 ____D C:\Users\PDsystems\Desktop\Hry
2023-10-08 15:36 - 2023-04-14 17:53 - 000000000 ____D C:\Users\PDsystems\Documents\The Witcher 3
2023-10-08 15:35 - 2023-09-09 10:02 - 000000000 ____D C:\Users\PDsystems\AppData\Roaming\Wargaming.net
2023-10-08 14:54 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-08 14:54 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\AppReadiness
2023-10-08 14:46 - 2023-03-01 14:29 - 000000000 ____D C:\Users\PDsystems\AppData\Local\D3DSCache
2023-10-08 14:11 - 2023-03-01 14:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-10-08 14:08 - 2023-03-01 14:18 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-08 14:08 - 2023-03-01 14:18 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-01 20:17 - 2023-03-24 16:30 - 000060916 _____ C:\Users\PDsystems\Documents\FPSMonitor.txt
2023-10-01 19:48 - 2021-06-05 14:01 - 000000000 ____D C:\Windows\CbsTemp
2023-10-01 19:47 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SysWOW64\MUI
2023-10-01 19:47 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\MUI
2023-09-30 19:39 - 2023-03-02 19:40 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2930814660-1282691726-3213042862-1001
2023-09-29 18:44 - 2023-03-01 14:56 - 000000000 ____D C:\ProgramData\Package Cache
2023-09-29 18:14 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\NDF
2023-09-27 19:30 - 2018-06-04 14:57 - 000249120 _____ (Valve Corporation) C:\Windows\SysWOW64\steam_api64.dll
2023-09-27 19:30 - 2018-06-04 14:57 - 000249120 _____ (Valve Corporation) C:\Windows\system32\steam_api64.dll
2023-09-24 21:11 - 2023-03-01 14:55 - 000000000 ____D C:\Program Files\AMD
2023-09-24 21:10 - 2023-03-01 14:46 - 000000000 ____D C:\AMD
2023-09-24 16:26 - 2023-03-01 14:38 - 000000000 ____D C:\Users\PDsystems\AppData\Local\AMD
2023-09-24 16:25 - 2023-03-01 14:29 - 000000000 ____D C:\Users\PDsystems\AppData\Local\Packages
2023-09-24 15:53 - 2023-04-14 17:44 - 000000000 ____D C:\Users\PDsystems\AppData\Local\AMD_Common
2023-09-13 19:50 - 2023-03-01 14:33 - 000000000 ____D C:\Users\PDsystems\AppData\Roaming\Microsoft\MMC
2023-09-13 17:50 - 2023-03-01 15:02 - 000000000 ____D C:\Windows\system32\MRT
2023-09-13 17:49 - 2023-03-01 15:02 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-13 17:44 - 2023-03-01 14:18 - 000304056 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-13 17:43 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\WUModels
2023-09-13 17:43 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\SystemResources
2023-09-13 17:43 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-13 17:43 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-13 17:43 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\bcastdvr
2023-09-13 17:40 - 2023-03-01 14:22 - 003109376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-13 17:23 - 2021-06-05 14:10 - 000000000 ____D C:\Windows\LiveKernelReports
==================== Files in the root of some directories ========
2023-04-18 19:50 - 2023-04-18 19:50 - 000208896 _____ () C:\Users\PDsystems\AppData\Roaming\emp.bin
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by PDsystems (10-10-2023 18:59:48)
Running from C:\Users\PDsystems\Downloads
Microsoft Windows 11 Home Version 21H2 22000.2416 (X64) (2023-03-01 12:20:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2930814660-1282691726-3213042862-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2930814660-1282691726-3213042862-503 - Limited - Disabled)
Guest (S-1-5-21-2930814660-1282691726-3213042862-501 - Limited - Disabled)
PDsystems (S-1-5-21-2930814660-1282691726-3213042862-1001 - Administrator - Enabled) => C:\Users\PDsystems
WDAGUtilityAccount (S-1-5-21-2930814660-1282691726-3213042862-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.9.2 - Advanced Micro Devices, Inc.)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FPS Monitor (HKLM-x32\...\FPS Monitor_is1) (Version: 1 - )
Intel(R) Chipset Device Software (HKLM\...\{0FCE256E-F9AA-4070-886F-7C75AED03FB5}) (Version: 10.1.19444.8378 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{8e171961-44e9-48e3-9a1e-7e05e5387200}) (Version: 10.1.19444.8378 - Intel(R) Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{CB344172-1257-447E-8D6B-6E9DE15DA449}) (Version: 4.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
SSDFresh 2023 (HKLM\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 12.08 - Abelssoft)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.00 - Ghisler Software GmbH)
Wise Game Booster 1.5.7 (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.5.7 - WiseCleaner.com, Inc.)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-09] (Microsoft Corporation)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-19] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2023-03-15] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-10-08] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PDsystems\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\R.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2930814660-1282691726-3213042862-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{7204D05C-A204-48AF-BE70-4EA537A852B8}D:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{1DFB3805-39C6-4C04-93C1-B5DEDAEC09FC}D:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [{FB73AB65-272F-44D3-A01F-2C00F39C0B43}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF148C9F-F77E-451E-AAB8-FDDC86486130}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0B605D34-9ECE-4976-9E88-24781DC66D59}E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{0756E076-67BC-4E6C-B756-7683697FB03F}E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{AFF6FF1E-031F-40B0-80EC-396CC9E41C11}D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{FFD51F36-6332-40A7-ACD6-449B77B0F031}D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{DB5CE35C-40EF-4846-AA9E-12BCD0F88FDC}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{2F519312-CED7-4B69-8B6E-BF48A9808174}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{F0E18189-8BC2-4E97-98A2-99FC9947D35B}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{C09D352B-C5C5-4516-97E9-00BDD9A3E830}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{F58A9AA7-5BAB-434F-877B-840308B35400}E:\halo infinite\haloinfinite.exe] => (Allow) E:\halo infinite\haloinfinite.exe => No File
FirewallRules: [UDP Query User{0B277DB5-B87E-4D83-B8A0-C99171A70994}E:\halo infinite\haloinfinite.exe] => (Allow) E:\halo infinite\haloinfinite.exe => No File
FirewallRules: [TCP Query User{7C653A8B-4B09-4AF1-AF60-5DC1F259678C}E:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) E:\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [UDP Query User{962E85D7-E354-4821-82EA-2DBE7B6069D7}E:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) E:\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [TCP Query User{010E8607-631A-40D4-81A4-2832E6F1F7B2}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{0D32153F-131D-4A65-A3CF-578D73E9F78C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [{4BCF3115-FB04-4749-8E51-8D042C9D5147}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
13-09-2023 17:33:18 Instalační služba modulů systému Windows
24-09-2023 16:19:59 Naplánovaný kontrolní bod
29-09-2023 18:08:11 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
01-10-2023 19:46:31 Nainstalováno rozhraní DirectX
08-10-2023 14:47:09 Removed Epic Online Services
==================== Faulty Device Manager Devices ============
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/27/2023 07:52:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program CoD_SP.exe verze 1.3.0.15989 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: c68
Čas spuštění: 01d9f16b4d9d73d4
Čas ukončení: 4294967295
Cesta k aplikaci: E:\Call of Duty WWII\CoD_SP.exe
ID hlášení: 56fca1e4-39f0-47cb-884c-247176824bf6
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (09/27/2023 07:32:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (09/27/2023 07:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: s2_mp64_ship.exe, verze: 1.3.1.15989, časové razítko: 0x59fb233d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2070
Čas spuštění chybující aplikace: 0x01d9f16879a88363
Cesta k chybující aplikaci: E:\Call of Duty WWII\s2_mp64_ship.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 8a97fabe-f693-423a-824d-86afbbf9aa8f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/24/2023 04:33:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Widgets.exe, verze: 421.20070.1820.0, časové razítko: 0x64e54318
Název chybujícího modulu: ntdll.dll, verze: 10.0.22000.2360, časové razítko: 0xfaf833bc
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000935cf
ID chybujícího procesu: 0x1254
Čas spuštění chybující aplikace: 0x01d9eeedadc8968b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: f24fcdb1-2444-45ca-90fb-68a37bf94cc1
Úplný název chybujícího balíčku: MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: Widgets
Error: (09/24/2023 04:24:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSoftware.exe, verze: 10.1.2.1980, časové razítko: 0x64e7735e
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22000.1, časové razítko: 0x00e78ce9
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007dd7e
ID chybujícího procesu: 0x22dc
Čas spuštění chybující aplikace: 0x01d9eeedb6fdbc5f
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 1e7c2fe2-d7ac-4c70-9d20-9f37c08fb538
Úplný název chybujícího balíčku: AdvancedMicroDevicesInc-RSXCM_22.10.0.0_x64__fhmx3h6dzfmvj
ID aplikace související s chybujícím balíčkem: AMDRadeonSoftwareDesktop
Error: (09/09/2023 10:09:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program dllhost.exe verze 10.0.22000.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 808
Čas spuštění: 01d9e2e1ec0d687b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\System32\dllhost.exe
ID hlášení: f9be1e98-0454-45bd-97f2-734b568ccfa5
Úplný název balíčku s chybou: AdvancedMicroDevicesInc-RSXCM_22.10.0.0_x64__fhmx3h6dzfmvj
ID aplikace relativní podle balíčku s chybou: AMDRadeonSoftwareDesktop
Typ zablokování: Quiesce
Error: (09/09/2023 07:36:22 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (09/09/2023 07:36:22 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (10/10/2023 06:55:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R45PQ2U)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/10/2023 06:52:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-R45PQ2U)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_5c183 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (10/10/2023 06:52:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_5c183 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/10/2023 06:52:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_5c183 bylo dosaženo časového limitu (30000 ms).
Error: (10/08/2023 03:38:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R45PQ2U)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/08/2023 02:05:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R45PQ2U)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/08/2023 02:04:39 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{F588718D-9F79-40C9-A752-C210AD66DBD3}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (10/01/2023 06:31:37 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{69CD67AE-3379-4EF2-BA73-22B98EF0EABF}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Windows Defender:
================
Date: 2023-09-09 10:07:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/CandyOpen
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\PDsystems\Downloads\InstallFreeRARExtractFrog.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-R45PQ2U\PDsystems
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.397.634.0, AS: 1.397.634.0, NIS: 1.397.634.0
Verze modulu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-09 10:04:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/CandyOpen
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Free RAR Extract Frog\FreeRARExtractFrog.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free RAR Extract Frog\Free RAR Extract Frog.lnk; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Free RAR Extract Frog; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free RAR Extract Frog\Free RAR Extract Frog.lnk; uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Free RAR Extract Frog
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-R45PQ2U\PDsystems
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.397.634.0, AS: 1.397.634.0, NIS: 1.397.634.0
Verze modulu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-09 10:03:18
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/CandyOpen
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Program Files (x86)\Free RAR Extract Frog\FreeRARExtractFrog.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-R45PQ2U\PDsystems
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.397.634.0, AS: 1.397.634.0, NIS: 1.397.634.0
Verze modulu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-09-09 07:48:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D3E73A28-338A-4159-A81C-651BEF7FABFF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-09-09 07:22:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DCB4C748-D45F-4627-8E8B-56E903A10BC7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Event[0]
Date: 2023-06-16 18:26:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.1318.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2023-05-07 12:11:32
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.448.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.
Date: 2023-04-21 18:59:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1781.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80245001
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2023-03-24 16:44:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\ProgramData\FPSMonitor\hooks\fps-mon64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2.C0 04/20/2017
Motherboard: MSI H110M PRO-VH (MS-7996)
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 21%
Total physical RAM: 16348.13 MB
Available physical RAM: 12786.69 MB
Total Virtual: 18780.13 MB
Available Virtual: 13867.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.93 GB) (Free:170.62 GB) (Model: ADATA SU630) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.15 GB) (Free:271.38 GB) (Model: ST500LM030-1RK17D) NTFS
\\?\Volume{d7e2f32c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{8e9df733-1bb9-45b1-92bd-477e30e373e2}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{d7e2f32c-0000-0000-0000-90be37000000}\ () (Fixed) (Total:0.59 GB) (Free:0.08 GB) NTFS
\\?\Volume{c00a6c0c-82d0-495f-ac7e-2d4f8ae834d0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: D7E2F32C)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=605 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: B2FF0C8F)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu - PC koupeno na bazaru
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu - PC koupeno na bazaru
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
CloseProcesses:
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\nvlddmkm.sys [X]
FirewallRules: [TCP Query User{0B605D34-9ECE-4976-9E88-24781DC66D59}E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{0756E076-67BC-4E6C-B756-7683697FB03F}E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) E:\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{AFF6FF1E-031F-40B0-80EC-396CC9E41C11}D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{FFD51F36-6332-40A7-ACD6-449B77B0F031}D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\hry\hogwarts.legacy-full.game-cracked.by.empress\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{DB5CE35C-40EF-4846-AA9E-12BCD0F88FDC}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{2F519312-CED7-4B69-8B6E-BF48A9808174}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{F0E18189-8BC2-4E97-98A2-99FC9947D35B}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{C09D352B-C5C5-4516-97E9-00BDD9A3E830}D:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{F58A9AA7-5BAB-434F-877B-840308B35400}E:\halo infinite\haloinfinite.exe] => (Allow) E:\halo infinite\haloinfinite.exe => No File
FirewallRules: [UDP Query User{0B277DB5-B87E-4D83-B8A0-C99171A70994}E:\halo infinite\haloinfinite.exe] => (Allow) E:\halo infinite\haloinfinite.exe => No File
FirewallRules: [TCP Query User{7C653A8B-4B09-4AF1-AF60-5DC1F259678C}E:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) E:\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [UDP Query User{962E85D7-E354-4821-82EA-2DBE7B6069D7}E:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) E:\call of duty 4 - modern warfare\iw3mp.exe => No File
FirewallRules: [TCP Query User{010E8607-631A-40D4-81A4-2832E6F1F7B2}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{0D32153F-131D-4A65-A3CF-578D73E9F78C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
-
Kema
- Návštěvník
- Příspěvky: 152
- Registrován: 08 led 2005 18:15
- Bydliště: Bohosudov
- Kontaktovat uživatele:
Re: Prosím o kontrolu - PC koupeno na bazaru
Ahoj.
Díky za pomoc.
Už to ale nemohu udělat.
Já dnes dopoledne odvezl počítač vnučce.
Tak snad příležitostně až pojedu na návštěvu.
Hezký den a ještě jednou díky.
KEMA.
Díky za pomoc.
Už to ale nemohu udělat.
Já dnes dopoledne odvezl počítač vnučce.
Tak snad příležitostně až pojedu na návštěvu.
Hezký den a ještě jednou díky.
KEMA.
Re: Prosím o kontrolu - PC koupeno na bazaru
Za malo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?