Log check
Posted: 15 May 2020 22:23
Hello,
today I somehow lost my admin rights. Uninstalling, "Manage this computer"... I can't do anything. No problems until now. In safe mode everything works fine, so I'm guessing some kind of infection. SpyBot and Malwarebytes found and fixed something, but the problem persists. So I'm asking for a check of the log. Thank you very much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by syslao (administrator) on SYSLAO-PC (Gigabyte Technology Co., Ltd. P35-DS3) (15-05-2020 22:58:28)
Running from C:\Users\syslao\Desktop
Loaded Profiles: syslao
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2020-04-27] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [AsioReg] => REGSVR32 /S CTASIO.DLL
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {447dd081-cc82-11e7-bd25-001d7d9f8c74} - G:\OriginSetup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {7247e3d2-75b7-11ea-9f62-001d7d9f8c74} - F:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {d664a879-f3aa-11e7-81c3-001d7d9f8c74} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {d664a88d-f3aa-11e7-81c3-001d7d9f8c74} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {e41aad0a-704c-11ea-af9b-001d7d9f8c74} - E:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {e53bca8c-79ba-11ea-b7f4-001d7d9f8c74} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-11-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06DE9996-3E32-4EDF-84DF-D3504F314AFC} - System32\Tasks\{6CC024F3-9951-4886-A119-C929E7569CB5} => C:\Windows\system32\pcalua.exe -a "D:\Stahování\Batman Arkham - Knight\Batman_AK_CZ_V2.0.exe" -d "D:\Stahování\Batman Arkham - Knight"
Task: {0E5BE295-F5C3-496A-8313-CB924C81A568} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0FD24616-7A80-4BEB-B4D8-6C294C3CB3F7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {265D1E1F-FE7C-49A3-9596-1F2C4C9F9938} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {328B88CB-12AF-453B-99A1-49FB085C828A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41E926CA-0BF6-49E6-87D4-DDBB7623DA16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-18] (Google Inc -> Google Inc.)
Task: {694365A3-66C3-4569-BD45-5F78B57E4412} - System32\Tasks\{421B3903-7C97-482B-ACAE-47C6F02BD2A6} => C:\Windows\system32\pcalua.exe -a "c:\Program Files\Zemana Antimalware\Uninstall.exe"
Task: {6EFBB742-0EF8-41B2-9487-1CB43362BA39} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {B49E35B9-2030-4F30-A9FE-60B8BB989490} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {CC493EA8-BAC2-41F2-BB58-C508A414DD2A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {CDDEC93A-A97A-4627-ABC3-A02E8C653515} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [3676952 2013-08-21] (Piriform Ltd -> Piriform Ltd)
Task: {E0CD75F5-56D6-455E-882D-AB4D9EF0ACFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2318BF0-4628-4530-96ED-9E50363AAC09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-18] (Google Inc -> Google Inc.)
Task: {FB8AA67A-0694-4A78-9753-4B136D3BFE08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GMHSkipUAC.job => D:\Stahování\Glarysoft Malware Hunter PRO v.1.97.0.686_Portable cz sk\App\GlarysoftMalwareHunter\MalwareHunter.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{AC8D30A5-CE9A-4405-97C0-6C23A3529BB8}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Internet Explorer:
==================
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2017-11-18] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: a8a2883w.default
FF ProfilePath: C:\Users\syslao\AppData\Roaming\Mozilla\Firefox\Profiles\a8a2883w.default [2019-11-22]
FF Homepage: Mozilla\Firefox\Profiles\a8a2883w.default -> google.cz
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default [2020-05-15]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-18]
CHR Extension: (Dokumenty) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Disk Google) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-18]
CHR Extension: (YouTube) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-18]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-11]
CHR Extension: (Tampermonkey) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-01-12]
CHR Extension: (Hudba Google Play) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-04-22]
CHR Extension: (Tabulky) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26]
CHR Extension: (Chrome Media Router) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [515256 2020-04-21] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2020-04-21] () [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-09-29] (BattlEye Innovations e.K. -> )
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2019-12-25] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2020-04-27] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-15] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S4 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [28344 2020-04-21] (Advanced Micro Devices, Inc. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [65743544 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [582840 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-05-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [105376 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2020-03-27] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47160 2020-03-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2017-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-15] (Malwarebytes Inc -> Malwarebytes)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2017-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [432840 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [545568 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-15 22:58 - 2020-05-15 22:59 - 000019599 _____ C:\Users\syslao\Desktop\FRST.txt
2020-05-15 22:57 - 2020-05-15 22:58 - 000000000 ____D C:\FRST
2020-05-15 22:55 - 2020-05-15 22:55 - 002286080 _____ (Farbar) C:\Users\syslao\Desktop\FRST64.exe
2020-05-15 22:36 - 2020-05-15 22:36 - 000000000 ____D C:\Users\syslao\AppData\Local\mbam
2020-05-15 22:35 - 2020-05-15 22:35 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-05-15 22:35 - 2020-05-15 22:35 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000000000 ____D C:\Users\syslao\AppData\Local\mbamtray
2020-05-15 22:35 - 2020-05-15 22:34 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-05-15 22:34 - 2020-05-15 22:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-15 22:34 - 2020-05-15 22:34 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-15 22:31 - 2020-05-15 22:31 - 001980016 _____ (Malwarebytes) C:\Users\syslao\Desktop\MBSetup.exe
2020-05-15 22:05 - 2020-05-15 22:05 - 000003100 _____ C:\Windows\system32\Tasks\{421B3903-7C97-482B-ACAE-47C6F02BD2A6}
2020-05-15 22:00 - 2020-05-15 22:59 - 000064578 _____ C:\Windows\ZAM.krnl.trace
2020-05-15 21:41 - 2020-05-15 21:42 - 000001928 _____ C:\Users\syslao\Desktop\Zemana AntiMalware.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000001795 _____ C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Zemana AntiMalware.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000001749 _____ C:\Users\syslao\Desktop\Zemana Registr.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000000000 ____D C:\Program Files\Zemana Antimalware
2020-05-15 21:39 - 2020-05-15 21:39 - 000000000 ___HD C:\$GlaryQuarantine
2020-05-15 21:05 - 2020-05-15 21:05 - 000000368 _____ C:\Windows\Tasks\GMHSkipUAC.job
2020-05-15 21:04 - 2020-05-15 21:42 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-05-15 21:04 - 2020-05-15 21:42 - 000000000 ____D C:\Users\syslao\AppData\Local\AMSDK
2020-05-15 21:03 - 2020-05-15 21:03 - 000000000 ____D C:\Users\syslao\AppData\Local\Zemana
2020-05-15 20:30 - 2020-05-15 22:36 - 000131736 _____ C:\Windows\ntbtlog.txt
2020-05-15 20:26 - 2020-05-15 20:26 - 000058213 _____ C:\Users\syslao\Desktop\[CzT]Glarysoft_Malware_Hunter_PRO_v_1_97_0_686_Portable_2020_CZ_SK_.torrent
2020-05-15 20:23 - 2020-05-15 20:23 - 000020551 _____ C:\Users\syslao\Desktop\[CzT]Malwarebytes_Premium_v_3_8_3_2965_CZ_SK_.torrent
2020-05-15 20:19 - 2020-05-15 20:19 - 000008459 _____ C:\Users\syslao\Desktop\[SkT]Zemana_Antimalware_v.3.1.395_CZ_SK.torrent
2020-05-15 20:14 - 2020-05-15 20:14 - 000011095 _____ C:\Users\syslao\Desktop\[SkT]Zemana_AntiMalware_Premium_3.1.395_CZ SK HU_2019_FINAL!.torrent
2020-05-15 19:52 - 2020-05-15 19:52 - 000001294 _____ C:\Users\syslao\Desktop\Computer Management.download
2020-05-15 19:42 - 2020-05-15 19:42 - 000002255 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2020-05-15 19:42 - 2020-05-15 19:42 - 000001413 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-05-15 19:42 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-05-15 19:42 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-05-15 19:40 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator
2020-05-15 19:40 - 2020-05-15 19:40 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-05-15 19:40 - 2009-07-14 09:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2020-05-15 18:59 - 2020-05-15 18:59 - 000000000 ____D C:\Users\syslao\Desktop\sysel
2020-05-15 18:57 - 2020-05-15 18:57 - 000002259 _____ C:\Users\sysel\Desktop\Google Chrome.lnk
2020-05-15 18:57 - 2020-05-15 18:57 - 000001417 _____ C:\Users\sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-05-15 18:57 - 2020-05-15 18:57 - 000000000 ____D C:\Users\sysel\AppData\Roaming\Adobe
2020-05-15 18:57 - 2020-05-15 18:57 - 000000000 ____D C:\Users\sysel\AppData\Local\Google
2020-05-15 18:54 - 2020-05-15 18:59 - 000000000 ____D C:\Users\sysel
2020-05-15 18:54 - 2020-05-15 18:54 - 000000020 ___SH C:\Users\sysel\ntuser.ini
2020-05-15 18:54 - 2009-07-14 09:45 - 000000000 ____D C:\Users\sysel\AppData\Roaming\Media Center Programs
2020-05-15 18:37 - 2020-05-15 18:37 - 000069185 _____ C:\Users\syslao\Downloads\[CzT]Foundation_Alpha_v_1_5_11_0203_35879_2019_CZ_.torrent
2020-05-15 17:52 - 2020-05-15 22:43 - 000003106 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-05-14 21:04 - 2020-05-14 21:04 - 000000000 ____D C:\Users\syslao\Documents\Polymorph Games
2020-05-14 17:45 - 2020-05-14 17:45 - 000039009 _____ C:\Users\syslao\Downloads\[CzT]Foundation_v_1_5_9_2019_CZ_.torrent
2020-05-13 18:23 - 2020-05-13 18:23 - 000115610 _____ C:\Users\syslao\Downloads\[CzT]Native_Instrument_Guitar_Rig_Pro_v_5_1_1 (2).torrent
2020-05-10 16:13 - 2020-05-10 16:13 - 000000000 ____D C:\Users\syslao\AppData\Local\Ubisoft Game Launcher
2020-05-10 16:08 - 2020-05-10 16:08 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\Users\syslao\AppData\Local\Saber
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\Users\Public\Documents\Epic
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\ProgramData\Documents\Epic
2020-05-08 19:05 - 2020-05-08 19:06 - 000345566 _____ C:\Users\syslao\Downloads\Assassin's_Creed__Odyssey_–_Deluxe_Edition_v1.0.6_ _3_DLCs_(2018)(CZ)[FitGirl_Repack].torrent
2020-05-08 18:35 - 2020-05-08 18:35 - 000106769 _____ C:\Users\syslao\Downloads\[CzT]Snowrunner_2020_CZ_.torrent
2020-05-08 18:13 - 2020-05-08 18:13 - 000000000 ____D C:\Users\syslao\AppData\Local\ATI
2020-05-08 18:12 - 2020-05-08 18:12 - 000000000 ____D C:\Users\syslao\AppData\Local\cache
2020-05-08 17:59 - 2020-05-15 22:43 - 000003116 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2020-05-08 17:50 - 2020-05-08 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-05-08 17:42 - 2020-04-21 23:27 - 062858424 _____ C:\Windows\system32\amd_comgr.dll
2020-05-08 17:42 - 2020-04-21 23:27 - 052394168 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2020-05-08 17:42 - 2020-04-21 23:11 - 000335544 _____ C:\Windows\system32\clinfo.exe
2020-05-08 17:42 - 2020-04-21 23:11 - 000126136 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-05-08 17:42 - 2020-04-21 23:11 - 000112312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 079081656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 065465016 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 026733752 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 021286072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2020-05-08 17:42 - 2020-04-21 23:09 - 078642360 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2020-05-08 17:42 - 2020-04-21 23:02 - 001565744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 034385080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 029762744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 021826024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 013731296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 013041184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 001076712 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 001076712 _____ C:\Windows\system32\vulkan-1.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000932536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000759992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000565432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000476344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000350392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2020-05-08 17:42 - 2020-04-21 23:01 - 000175288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000162920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000153784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000144056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000139224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000129208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000068792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2020-05-08 17:42 - 2020-04-21 23:01 - 000038072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000035000 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 065743544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2020-05-08 17:42 - 2020-04-21 23:00 - 041844408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxn64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 037141688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxn32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 001775288 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001775288 _____ C:\Windows\system32\vulkaninfo.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 000150200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000127160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000124432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000109488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000061624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 024173752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 020606648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 000140472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 000118456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2020-05-08 17:42 - 2020-04-21 22:58 - 001584824 _____ (AMD) C:\Windows\system32\coinst_19.50.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 004576440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 004085944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 000544952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 000374968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-05-08 17:42 - 2020-04-21 22:52 - 041540280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000188664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000158264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000011136 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 013037576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 010363144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000582840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2020-05-08 17:42 - 2020-04-21 22:47 - 000515256 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2020-05-08 17:42 - 2020-04-21 22:47 - 000504504 _____ (AMD) C:\Windows\system32\atitmm64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000484536 _____ C:\Windows\system32\dgtrayicon.exe
2020-05-08 17:42 - 2020-04-21 22:47 - 000482488 _____ C:\Windows\system32\GameManager64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000365240 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000199864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000193936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000176432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000156880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000127160 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 030992056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 026967224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000751800 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000475320 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000459960 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000457912 _____ C:\Windows\system32\amdlogum.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000442552 _____ C:\Windows\system32\atieah64.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000364728 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000336568 _____ C:\Windows\SysWOW64\atieah32.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000028344 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2020-05-08 17:42 - 2020-04-21 22:42 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-05-08 17:42 - 2020-04-21 22:42 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-05-08 17:42 - 2020-04-21 22:32 - 000543168 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-05-08 17:42 - 2020-04-21 22:32 - 000543168 _____ C:\Windows\system32\atiapfxx.blb
2020-05-08 17:42 - 2020-03-06 21:57 - 000458368 _____ C:\Windows\system32\ativvaxy_nv.dat
2020-05-08 17:42 - 2020-02-26 08:40 - 001156061 _____ C:\Windows\system32\amdicdxx.dat
2020-05-08 17:42 - 2020-02-20 18:34 - 000000703 _____ C:\Windows\SysWOW64\amd-vulkan32.json
2020-05-08 17:42 - 2020-02-20 18:34 - 000000703 _____ C:\Windows\system32\amd-vulkan64.json
2020-05-08 17:42 - 2019-11-29 22:03 - 000356992 _____ C:\Windows\system32\ativvaxy_rv.dat
2020-05-08 17:42 - 2019-10-28 16:52 - 000281101 _____ C:\Windows\system32\amdefctb.dat
2020-05-08 17:42 - 2019-10-25 20:23 - 000375968 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2020-05-08 17:42 - 2019-10-18 15:56 - 000278560 _____ C:\Windows\system32\ativvaxy_stn_nd.dat
2020-05-08 17:42 - 2019-10-18 15:56 - 000272928 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2020-05-08 17:42 - 2019-10-17 21:30 - 000383264 _____ C:\Windows\system32\ativvaxy_vg20_nd.dat
2020-05-08 17:42 - 2019-10-17 20:52 - 000380448 _____ C:\Windows\system32\ativvaxy_gl_nd.dat
2020-05-08 17:42 - 2019-08-19 20:06 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2020-05-08 17:42 - 2019-07-24 07:53 - 000113288 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2020-05-08 17:42 - 2019-07-24 07:53 - 000105376 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2020-05-08 17:42 - 2019-07-16 21:58 - 000069770 _____ C:\Windows\system32\AMDKernelEvents.man
2020-05-08 17:42 - 2019-06-27 15:56 - 000173344 _____ C:\Windows\system32\amde40a.dat
2020-05-08 17:42 - 2019-06-21 20:44 - 000268244 _____ C:\Windows\system32\ativvaxy_FJ.dat
2020-05-08 17:42 - 2019-06-21 20:44 - 000267984 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2020-05-08 17:42 - 2019-02-26 00:15 - 000166624 _____ C:\Windows\system32\amde34b.dat
2020-05-08 17:42 - 2019-02-26 00:14 - 000166624 _____ C:\Windows\system32\amde34a.dat
2020-05-08 17:42 - 2019-02-12 19:49 - 000324928 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2020-05-08 17:42 - 2019-02-12 19:48 - 000325188 _____ C:\Windows\system32\ativvaxy_vi.dat
2020-05-08 17:42 - 2019-02-12 19:47 - 000234676 _____ C:\Windows\system32\ativvaxy_cik.dat
2020-05-08 17:42 - 2019-02-12 19:47 - 000234416 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2020-05-08 17:39 - 2020-05-08 17:39 - 040550000 _____ (AMD Inc.) C:\Users\syslao\Downloads\radeon-software-adrenalin-2020-20.4.2-minimalsetup-200423_64bit.exe
2020-05-08 17:39 - 2020-05-08 17:39 - 000000000 ____D C:\ProgramData\AMD
2020-05-08 16:55 - 2020-05-08 19:07 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2020-05-08 11:57 - 2020-05-08 11:57 - 004510099 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2020-04-29 12:34 - 2020-04-29 12:34 - 000160935 _____ C:\Users\syslao\Downloads\[SkT]Assassin's_Creed__Odyssey_(2018)(CZ) (1).torrent
2020-04-29 12:29 - 2020-04-29 12:29 - 000160935 _____ C:\Users\syslao\Downloads\[SkT]Assassin's_Creed__Odyssey_(2018)(CZ).torrent
2020-04-29 12:19 - 2020-04-29 12:19 - 005131140 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_Odyssey_v_1_0_6_2018_CZ_.torrent
2020-04-27 15:43 - 2020-04-27 15:43 - 000057449 _____ C:\Windows\system32\NOTICE_mod
2020-04-27 14:25 - 2020-04-27 14:25 - 000000000 ____D C:\Users\syslao\AppData\Local\Setup Integrity Check
2020-04-22 18:33 - 2020-04-22 18:33 - 000064727 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_Freedom_Cry_DLC_2013_CZ_EN_.torrent
2020-04-22 12:13 - 2020-04-22 12:13 - 000015516 _____ C:\Users\syslao\Downloads\[CzT]Dcera_carodejky_Hadi_dar_Skammerens_datter_II_Slangens_gave_2019_CZ_.torrent
2020-04-22 12:11 - 2020-04-22 12:11 - 000016074 _____ C:\Users\syslao\Downloads\[CzT]Snezny_kluk_Abominable_2019_CZ_.torrent
2020-04-22 12:10 - 2020-04-22 12:10 - 000016939 _____ C:\Users\syslao\Downloads\[CzT]Jezek_Sonic_Sonic_the_Hedgehog_2020_CZ_WebRip_.torrent
2020-04-22 09:50 - 2020-04-22 09:50 - 000012122 _____ C:\Users\syslao\Downloads\[SkT]Zrcadleni_tmy_(2020)(CZ)[WebRip][720p]_=_CSFD_70%.torrent
2020-04-17 20:32 - 2020-04-17 20:32 - 000000000 ____D C:\ProgramData\Ubisoft
2020-04-17 18:18 - 2020-04-17 18:18 - 000014108 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_II_Assassin_s_Creed_2_CZ_v1_01_.torrent
2020-04-16 16:42 - 2020-04-16 16:43 - 000000000 ____D C:\Users\syslao\Documents\Witcher 2
2020-04-16 16:42 - 2020-04-16 16:42 - 000000000 ____D C:\Users\syslao\AppData\Local\The Witcher 2
2020-04-16 16:09 - 2020-04-17 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 (CZ)
2020-04-16 14:35 - 2020-04-16 14:35 - 000039618 _____ C:\Users\syslao\Downloads\[CzT]Zaklinac_2_Vrahove_Kralu_Rozsirena_Edice_The_Witcher_2_Assassins_of_Kings_Enchanced_Edition_CZ_.torrent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-15 22:51 - 2009-07-14 06:45 - 000020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 22:51 - 2009-07-14 06:45 - 000020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 22:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-15 22:32 - 2017-11-18 20:36 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-05-15 21:55 - 2017-12-30 15:45 - 000000000 ____D C:\games
2020-05-15 21:39 - 2019-03-04 22:39 - 000000000 ____D C:\Users\syslao\Downloads\Paint Shop Pro 7.0
2020-05-15 20:29 - 2017-11-18 19:57 - 000000000 ____D C:\Users\syslao\AppData\Roaming\uTorrent
2020-05-15 19:42 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-05-08 20:39 - 2019-06-14 19:34 - 000000000 ____D C:\Users\syslao\Documents\My Games
2020-05-08 18:11 - 2019-02-26 18:24 - 000000000 ____D C:\Users\syslao\AppData\Local\AMD
2020-05-08 17:50 - 2019-02-26 18:05 - 000003146 _____ C:\Windows\system32\Tasks\StartCN
2020-05-08 17:50 - 2019-02-26 18:05 - 000003066 _____ C:\Windows\system32\Tasks\StartDVR
2020-05-08 17:50 - 2017-11-18 20:10 - 000000000 ____D C:\Program Files\AMD
2020-05-08 17:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-05-08 17:39 - 2019-02-25 22:28 - 000000000 ____D C:\AMD
2020-05-08 11:50 - 2017-11-18 15:14 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 22:38 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-04-29 12:18 - 2020-04-04 14:16 - 000000000 ____D C:\Program Files (x86)\Batman Arkham Knight
2020-04-27 15:43 - 2017-08-27 12:07 - 000113336 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2020-04-27 15:43 - 2017-08-10 17:49 - 000189232 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2020-04-27 15:43 - 2017-08-10 17:49 - 000149144 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2020-04-27 14:22 - 2019-12-22 22:01 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-04-21 23:02 - 2019-02-20 22:35 - 026035128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2020-04-21 23:02 - 2019-02-20 22:35 - 001919600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-04-21 22:52 - 2019-02-20 22:39 - 049841848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2020-04-21 22:47 - 2019-02-21 01:53 - 000211464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2020-04-21 22:47 - 2019-02-21 01:52 - 000232632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-04-21 22:47 - 2019-02-21 01:52 - 000161464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2020-04-21 22:46 - 2019-02-21 01:52 - 001721528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-04-17 20:32 - 2019-06-22 12:51 - 000000000 ____D C:\Users\syslao\AppData\Roaming\Ubisoft
2020-04-17 20:09 - 2019-12-25 12:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-16 15:47 - 2019-04-02 17:57 - 000000000 ____D C:\Users\syslao\AppData\Local\ElevatedDiagnostics
2020-04-16 14:36 - 2020-04-03 19:14 - 000000000 ____D C:\Program Files (x86)\Call of Duty 4 - Modern Warfare
==================== Files in the root of some directories ========
2019-12-05 22:15 - 2019-12-05 22:15 - 000000000 _____ () C:\Users\syslao\AppData\Local\oobelibMkey.log
2019-11-23 23:39 - 2019-12-08 15:21 - 000007607 _____ () C:\Users\syslao\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
ATTENTION: ==> Could not access BCD. -> 0
LastRegBack: 2020-05-07 20:57
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by syslao (15-05-2020 22:59:47)
Running from C:\Users\syslao\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-11-18 13:10:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2223748271-3078650066-3298653764-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2223748271-3078650066-3298653764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2223748271-3078650066-3298653764-1002 - Limited - Enabled)
syslao (S-1-5-21-2223748271-3078650066-3298653764-1001 - Administrator - Enabled) => C:\Users\syslao
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ACP Application (HKLM\...\{6F0FE248-D39D-4150-918F-E76C9E9F5943}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Creative Audio Console (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{179752EE-BE61-41C4-909A-D4AAC9CF23FD}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Java(TM) 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paint Shop Pro 7 Evaluation (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Rocksmith 2014 (HKLM-x32\...\Rocksmith 20141.3) (Version: 1.3 - Ubisoft)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Sims 4 v.1.58.63.1010 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Vita 2 common (HKLM\...\{C7B5259E-11DC-4B21-BBDD-DDAAA88C1F36}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana Antimalware v.3.1.395 CZ_SK (HKLM-x32\...\Zemana Antimalware v.3.1.395 CZ_SK) (Version: v.3.1.395 CZ_SK - Libbi)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
==================== Loaded Modules (Whitelisted) =============
2020-03-02 18:11 - 2020-03-02 18:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-02-08 13:38 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-04-21 16:43 - 2020-04-21 16:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-21 16:43 - 2020-04-21 16:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-11-22 23:19 - 000001094 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2223748271-3078650066-3298653764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05152020224329446\Control Panel\Desktop\\Wallpaper -> C:\Users\sysel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdvancedSystemCareService13 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CTHelper => CTHELPER.EXE
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7F0F7518B55C87D0C1D924D7FA29EBC0 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: MalTray => D:\Stahování\Glarysoft Malware Hunter PRO v.1.97.0.686_Portable cz sk\App\GlarysoftMalwareHunter\mhtray.exe /autorun
MSCONFIG\startupreg: mncxbiumpSrv => C:\Windows\inf\mncxbiump.vbe
MSCONFIG\startupreg: MSStp => C:\Windows\system32\msstp.vbe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{22C61BCF-B1BD-48A2-A199-B61989592536}C:\users\syslao\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\syslao\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CE4476D5-5202-45E1-89D8-C9446BA7EE0C}C:\users\syslao\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\syslao\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{87A62855-6AB6-42C0-97B2-305425A912FB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00D7EEC8-49FF-40A0-ABBA-06E2E8CA9450}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF169246-6BE8-47D6-96BA-90117E88E6DE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{149B3D29-0255-4AE6-9BE4-9DD0B3ED9CE4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE16CCC1-7084-4EA2-9E30-304355FC55AC}] => (Allow) C:\Users\syslao\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{37C80491-5AB1-4A75-A3B8-6CF017ABD43C}] => (Allow) C:\Users\syslao\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{E231FF84-A57E-4E39-8DBF-53871FF4EC79}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{C541991F-890E-46CF-824E-7C5EE04B0885}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{62B0A97E-C384-40A4-90E0-50CE74D4636C}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{855F70E3-7185-46FD-B67D-E24C36F3C59E}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D3E1D566-8DEF-4E45-9782-8D5B6C6165B5}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{07EE83C4-6112-4CBC-B247-B8149C56F742}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{0E80910A-6E7C-40AA-B68A-C13A2DB10FB4}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{3CD674CC-DFB7-41A0-BD43-ADF113F8D88A}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{2CB67BD9-BF4F-4197-8E91-FD736EE42FC1}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{18E8F5B3-8156-4F34-9CA2-60FCFC06F301}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe => No File
FirewallRules: [TCP Query User{35FAC8C1-90A9-4704-A4BD-6935C3ACE253}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe => No File
FirewallRules: [UDP Query User{79E3267A-126A-4D72-BC11-05879D49407B}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe => No File
FirewallRules: [{D6AF88CF-3110-4F5D-B787-31B9FD338D69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: AMD Log Utility Driver
Description: AMD Log Utility Driver
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/15/2020 09:55:50 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\syslao\AppData\Local\Temp\{916E96DD-B44C-4E1F-A314-0B4089733F2C}\setup.exe -runfromtemp -l0x0409 -removeonly -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\" -tempdisk1folder:"C:\Users\syslao\AppData\Local\Temp\{916E96DD-B44C-4E1F-A314-0B4089733F2C}\"; Popis = Removed Ubisoft Game Launcher; Chyba = 0x8007043c).
Error: (05/15/2020 07:17:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program TS4_x64.exe verze 1.58.63.1010 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 108c
Čas spuštění: 01d62adc14b911ee
Čas ukončení: 15
Cesta k aplikaci: C:\games\The Sims 4\Game\Bin\TS4_x64.exe
ID hlášení:
Error: (05/15/2020 06:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SDFiles.exe, verze: 1.6.1.7, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23391, časové razítko: 0x56e9a73c
Kód výjimky: 0x0eedfade
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0xaac
Čas spuštění chybující aplikace: 0x01d62ad927abe2e7
Cesta k chybující aplikaci: C:\Users\syslao\Desktop\SpyBot Search & Destroy 1.6.2.46 DC 13.01.2016 Portable\SDFiles.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 65b65640-96cc-11ea-9239-001d7d9f8c74
Error: (05/15/2020 06:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SDFiles.exe, verze: 1.6.1.7, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23391, časové razítko: 0x56e9a73c
Kód výjimky: 0x0eedfade
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x12b4
Čas spuštění chybující aplikace: 0x01d62ad6421891c5
Cesta k chybující aplikaci: C:\Users\syslao\Desktop\SpyBot Search & Destroy 1.6.2.46 DC 13.01.2016 Portable\SDFiles.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 801940fa-96c9-11ea-9239-001d7d9f8c74
Error: (05/15/2020 06:01:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/14/2020 05:37:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/13/2020 06:29:12 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/11/2020 06:45:44 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (05/15/2020 10:50:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (05/15/2020 10:50:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Peer Name Resolution Protocol byla ukončena s následující chybou:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Peer Networking Grouping závisí na službě Peer Name Resolution Protocol, která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Peer Name Resolution Protocol byla ukončena s následující chybou:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Peer Networking Grouping závisí na službě Peer Name Resolution Protocol, která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
Error: (05/15/2020 10:45:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F14 06/18/2009
Motherboard: Gigabyte Technology Co., Ltd. P35-DS3
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 7166.49 MB
Available physical RAM: 3246.75 MB
Total Virtual: 14331.17 MB
Available Virtual: 8942.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:105.24 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:91.1 GB) NTFS
Drive e: (SnowRunner) (CDROM) (Total:10.39 GB) (Free:0 GB) UDF
\\?\Volume{dc012002-cc5c-11e7-b570-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 8E71E94C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 081E081D)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Today I somehow lost my admin rights. Uninstalling, Manage this computer... I can't do anything. No problems until now. In safe mode everything works fine, so I'm guessing some infection. SpyBot and Malwarebytes found and fixed something, but the problem persists. So I'm asking for a check of the log. Thank you very much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by syslao (administrator) on SYSLAO-PC (Gigabyte Technology Co., Ltd. P35-DS3) (15-05-2020 22:58:28)
Running from C:\Users\syslao\Desktop
Loaded Profiles: syslao
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2020-04-27] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [AsioReg] => REGSVR32 /S CTASIO.DLL
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {447dd081-cc82-11e7-bd25-001d7d9f8c74} - G:\OriginSetup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {7247e3d2-75b7-11ea-9f62-001d7d9f8c74} - F:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {d664a879-f3aa-11e7-81c3-001d7d9f8c74} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {d664a88d-f3aa-11e7-81c3-001d7d9f8c74} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {e41aad0a-704c-11ea-af9b-001d7d9f8c74} - E:\setup.exe
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\...\MountPoints2: {e53bca8c-79ba-11ea-b7f4-001d7d9f8c74} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-11-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06DE9996-3E32-4EDF-84DF-D3504F314AFC} - System32\Tasks\{6CC024F3-9951-4886-A119-C929E7569CB5} => C:\Windows\system32\pcalua.exe -a "D:\Stahování\Batman Arkham - Knight\Batman_AK_CZ_V2.0.exe" -d "D:\Stahování\Batman Arkham - Knight"
Task: {0E5BE295-F5C3-496A-8313-CB924C81A568} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0FD24616-7A80-4BEB-B4D8-6C294C3CB3F7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {265D1E1F-FE7C-49A3-9596-1F2C4C9F9938} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {328B88CB-12AF-453B-99A1-49FB085C828A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41E926CA-0BF6-49E6-87D4-DDBB7623DA16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-18] (Google Inc -> Google Inc.)
Task: {694365A3-66C3-4569-BD45-5F78B57E4412} - System32\Tasks\{421B3903-7C97-482B-ACAE-47C6F02BD2A6} => C:\Windows\system32\pcalua.exe -a "c:\Program Files\Zemana Antimalware\Uninstall.exe"
Task: {6EFBB742-0EF8-41B2-9487-1CB43362BA39} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {B49E35B9-2030-4F30-A9FE-60B8BB989490} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {CC493EA8-BAC2-41F2-BB58-C508A414DD2A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {CDDEC93A-A97A-4627-ABC3-A02E8C653515} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [3676952 2013-08-21] (Piriform Ltd -> Piriform Ltd)
Task: {E0CD75F5-56D6-455E-882D-AB4D9EF0ACFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2318BF0-4628-4530-96ED-9E50363AAC09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-18] (Google Inc -> Google Inc.)
Task: {FB8AA67A-0694-4A78-9753-4B136D3BFE08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GMHSkipUAC.job => D:\Stahování\Glarysoft Malware Hunter PRO v.1.97.0.686_Portable cz sk\App\GlarysoftMalwareHunter\MalwareHunter.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{AC8D30A5-CE9A-4405-97C0-6C23A3529BB8}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Internet Explorer:
==================
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2017-11-18] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: a8a2883w.default
FF ProfilePath: C:\Users\syslao\AppData\Roaming\Mozilla\Firefox\Profiles\a8a2883w.default [2019-11-22]
FF Homepage: Mozilla\Firefox\Profiles\a8a2883w.default -> google.cz
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2017-11-18] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default [2020-05-15]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-20]
CHR Extension: (Prezentace) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-18]
CHR Extension: (Dokumenty) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Disk Google) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-18]
CHR Extension: (YouTube) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-18]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-11]
CHR Extension: (Tampermonkey) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-01-12]
CHR Extension: (Hudba Google Play) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2020-04-22]
CHR Extension: (Tabulky) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26]
CHR Extension: (Chrome Media Router) - C:\Users\syslao\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [515256 2020-04-21] (Advanced Micro Devices, Inc. -> AMD)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2020-04-21] () [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-09-29] (BattlEye Innovations e.K. -> )
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2019-12-25] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2020-04-27] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-15] (Malwarebytes Inc -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]
S4 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [28344 2020-04-21] (Advanced Micro Devices, Inc. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [65743544 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [582840 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-05-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [105376 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2020-03-27] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47160 2020-03-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2017-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2020-04-27] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-15] (Malwarebytes Inc -> Malwarebytes)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2017-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [432840 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [545568 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-15 22:58 - 2020-05-15 22:59 - 000019599 _____ C:\Users\syslao\Desktop\FRST.txt
2020-05-15 22:57 - 2020-05-15 22:58 - 000000000 ____D C:\FRST
2020-05-15 22:55 - 2020-05-15 22:55 - 002286080 _____ (Farbar) C:\Users\syslao\Desktop\FRST64.exe
2020-05-15 22:36 - 2020-05-15 22:36 - 000000000 ____D C:\Users\syslao\AppData\Local\mbam
2020-05-15 22:35 - 2020-05-15 22:35 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-05-15 22:35 - 2020-05-15 22:35 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-05-15 22:35 - 2020-05-15 22:35 - 000000000 ____D C:\Users\syslao\AppData\Local\mbamtray
2020-05-15 22:35 - 2020-05-15 22:34 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-05-15 22:34 - 2020-05-15 22:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-15 22:34 - 2020-05-15 22:34 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-15 22:31 - 2020-05-15 22:31 - 001980016 _____ (Malwarebytes) C:\Users\syslao\Desktop\MBSetup.exe
2020-05-15 22:05 - 2020-05-15 22:05 - 000003100 _____ C:\Windows\system32\Tasks\{421B3903-7C97-482B-ACAE-47C6F02BD2A6}
2020-05-15 22:00 - 2020-05-15 22:59 - 000064578 _____ C:\Windows\ZAM.krnl.trace
2020-05-15 21:41 - 2020-05-15 21:42 - 000001928 _____ C:\Users\syslao\Desktop\Zemana AntiMalware.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000001795 _____ C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Zemana AntiMalware.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000001749 _____ C:\Users\syslao\Desktop\Zemana Registr.lnk
2020-05-15 21:41 - 2020-05-15 21:41 - 000000000 ____D C:\Program Files\Zemana Antimalware
2020-05-15 21:39 - 2020-05-15 21:39 - 000000000 ___HD C:\$GlaryQuarantine
2020-05-15 21:05 - 2020-05-15 21:05 - 000000368 _____ C:\Windows\Tasks\GMHSkipUAC.job
2020-05-15 21:04 - 2020-05-15 21:42 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-05-15 21:04 - 2020-05-15 21:42 - 000000000 ____D C:\Users\syslao\AppData\Local\AMSDK
2020-05-15 21:03 - 2020-05-15 21:03 - 000000000 ____D C:\Users\syslao\AppData\Local\Zemana
2020-05-15 20:30 - 2020-05-15 22:36 - 000131736 _____ C:\Windows\ntbtlog.txt
2020-05-15 20:26 - 2020-05-15 20:26 - 000058213 _____ C:\Users\syslao\Desktop\[CzT]Glarysoft_Malware_Hunter_PRO_v_1_97_0_686_Portable_2020_CZ_SK_.torrent
2020-05-15 20:23 - 2020-05-15 20:23 - 000020551 _____ C:\Users\syslao\Desktop\[CzT]Malwarebytes_Premium_v_3_8_3_2965_CZ_SK_.torrent
2020-05-15 20:19 - 2020-05-15 20:19 - 000008459 _____ C:\Users\syslao\Desktop\[SkT]Zemana_Antimalware_v.3.1.395_CZ_SK.torrent
2020-05-15 20:14 - 2020-05-15 20:14 - 000011095 _____ C:\Users\syslao\Desktop\[SkT]Zemana_AntiMalware_Premium_3.1.395_CZ SK HU_2019_FINAL!.torrent
2020-05-15 19:52 - 2020-05-15 19:52 - 000001294 _____ C:\Users\syslao\Desktop\Computer Management.download
2020-05-15 19:42 - 2020-05-15 19:42 - 000002255 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2020-05-15 19:42 - 2020-05-15 19:42 - 000001413 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-05-15 19:42 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-05-15 19:42 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-05-15 19:40 - 2020-05-15 19:42 - 000000000 ____D C:\Users\Administrator
2020-05-15 19:40 - 2020-05-15 19:40 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2020-05-15 19:40 - 2009-07-14 09:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2020-05-15 18:59 - 2020-05-15 18:59 - 000000000 ____D C:\Users\syslao\Desktop\sysel
2020-05-15 18:57 - 2020-05-15 18:57 - 000002259 _____ C:\Users\sysel\Desktop\Google Chrome.lnk
2020-05-15 18:57 - 2020-05-15 18:57 - 000001417 _____ C:\Users\sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-05-15 18:57 - 2020-05-15 18:57 - 000000000 ____D C:\Users\sysel\AppData\Roaming\Adobe
2020-05-15 18:57 - 2020-05-15 18:57 - 000000000 ____D C:\Users\sysel\AppData\Local\Google
2020-05-15 18:54 - 2020-05-15 18:59 - 000000000 ____D C:\Users\sysel
2020-05-15 18:54 - 2020-05-15 18:54 - 000000020 ___SH C:\Users\sysel\ntuser.ini
2020-05-15 18:54 - 2009-07-14 09:45 - 000000000 ____D C:\Users\sysel\AppData\Roaming\Media Center Programs
2020-05-15 18:37 - 2020-05-15 18:37 - 000069185 _____ C:\Users\syslao\Downloads\[CzT]Foundation_Alpha_v_1_5_11_0203_35879_2019_CZ_.torrent
2020-05-15 17:52 - 2020-05-15 22:43 - 000003106 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2020-05-14 21:04 - 2020-05-14 21:04 - 000000000 ____D C:\Users\syslao\Documents\Polymorph Games
2020-05-14 17:45 - 2020-05-14 17:45 - 000039009 _____ C:\Users\syslao\Downloads\[CzT]Foundation_v_1_5_9_2019_CZ_.torrent
2020-05-13 18:23 - 2020-05-13 18:23 - 000115610 _____ C:\Users\syslao\Downloads\[CzT]Native_Instrument_Guitar_Rig_Pro_v_5_1_1 (2).torrent
2020-05-10 16:13 - 2020-05-10 16:13 - 000000000 ____D C:\Users\syslao\AppData\Local\Ubisoft Game Launcher
2020-05-10 16:08 - 2020-05-10 16:08 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\Users\syslao\AppData\Local\Saber
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\Users\Public\Documents\Epic
2020-05-08 20:39 - 2020-05-08 20:39 - 000000000 ____D C:\ProgramData\Documents\Epic
2020-05-08 19:05 - 2020-05-08 19:06 - 000345566 _____ C:\Users\syslao\Downloads\Assassin's_Creed__Odyssey_–_Deluxe_Edition_v1.0.6_ _3_DLCs_(2018)(CZ)[FitGirl_Repack].torrent
2020-05-08 18:35 - 2020-05-08 18:35 - 000106769 _____ C:\Users\syslao\Downloads\[CzT]Snowrunner_2020_CZ_.torrent
2020-05-08 18:13 - 2020-05-08 18:13 - 000000000 ____D C:\Users\syslao\AppData\Local\ATI
2020-05-08 18:12 - 2020-05-08 18:12 - 000000000 ____D C:\Users\syslao\AppData\Local\cache
2020-05-08 17:59 - 2020-05-15 22:43 - 000003116 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2020-05-08 17:50 - 2020-05-08 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-05-08 17:42 - 2020-04-21 23:27 - 062858424 _____ C:\Windows\system32\amd_comgr.dll
2020-05-08 17:42 - 2020-04-21 23:27 - 052394168 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2020-05-08 17:42 - 2020-04-21 23:11 - 000335544 _____ C:\Windows\system32\clinfo.exe
2020-05-08 17:42 - 2020-04-21 23:11 - 000126136 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-05-08 17:42 - 2020-04-21 23:11 - 000112312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 079081656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 065465016 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 026733752 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2020-05-08 17:42 - 2020-04-21 23:10 - 021286072 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2020-05-08 17:42 - 2020-04-21 23:09 - 078642360 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2020-05-08 17:42 - 2020-04-21 23:02 - 001565744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 034385080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 029762744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 021826024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 013731296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 013041184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 001076712 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 001076712 _____ C:\Windows\system32\vulkan-1.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000935560 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000932536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000759992 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000565432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000476344 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000350392 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2020-05-08 17:42 - 2020-04-21 23:01 - 000175288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000162920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000153784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000144056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000139224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000129208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000118264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000097616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000068792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2020-05-08 17:42 - 2020-04-21 23:01 - 000038072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2020-05-08 17:42 - 2020-04-21 23:01 - 000035000 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 065743544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2020-05-08 17:42 - 2020-04-21 23:00 - 041844408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxn64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 037141688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxn32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 001775288 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001775288 _____ C:\Windows\system32\vulkaninfo.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 001365688 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-05-08 17:42 - 2020-04-21 23:00 - 000150200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000127160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000124432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000109488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2020-05-08 17:42 - 2020-04-21 23:00 - 000061624 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 024173752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 020606648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 000140472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2020-05-08 17:42 - 2020-04-21 22:59 - 000118456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2020-05-08 17:42 - 2020-04-21 22:58 - 001584824 _____ (AMD) C:\Windows\system32\coinst_19.50.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 004576440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 004085944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 000544952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2020-05-08 17:42 - 2020-04-21 22:57 - 000374968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2020-05-08 17:42 - 2020-04-21 22:52 - 041540280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000188664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000158264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2020-05-08 17:42 - 2020-04-21 22:48 - 000011136 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 013037576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 010363144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000582840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2020-05-08 17:42 - 2020-04-21 22:47 - 000515256 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2020-05-08 17:42 - 2020-04-21 22:47 - 000504504 _____ (AMD) C:\Windows\system32\atitmm64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000484536 _____ C:\Windows\system32\dgtrayicon.exe
2020-05-08 17:42 - 2020-04-21 22:47 - 000482488 _____ C:\Windows\system32\GameManager64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000365240 _____ C:\Windows\SysWOW64\GameManager32.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000199864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000193936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000176432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000156880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000136888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000127160 _____ (AMD) C:\Windows\system32\atimuixx.dll
2020-05-08 17:42 - 2020-04-21 22:47 - 000011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 030992056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 026967224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 001234104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000751800 _____ (AMD) C:\Windows\system32\atieclxx.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000475320 _____ C:\Windows\system32\amdgfxinfo64.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000459960 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000457912 _____ C:\Windows\system32\amdlogum.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000442552 _____ C:\Windows\system32\atieah64.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000364728 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2020-05-08 17:42 - 2020-04-21 22:46 - 000336568 _____ C:\Windows\SysWOW64\atieah32.exe
2020-05-08 17:42 - 2020-04-21 22:46 - 000028344 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2020-05-08 17:42 - 2020-04-21 22:42 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2020-05-08 17:42 - 2020-04-21 22:42 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2020-05-08 17:42 - 2020-04-21 22:32 - 000543168 _____ C:\Windows\SysWOW64\atiapfxx.blb
2020-05-08 17:42 - 2020-04-21 22:32 - 000543168 _____ C:\Windows\system32\atiapfxx.blb
2020-05-08 17:42 - 2020-03-06 21:57 - 000458368 _____ C:\Windows\system32\ativvaxy_nv.dat
2020-05-08 17:42 - 2020-02-26 08:40 - 001156061 _____ C:\Windows\system32\amdicdxx.dat
2020-05-08 17:42 - 2020-02-20 18:34 - 000000703 _____ C:\Windows\SysWOW64\amd-vulkan32.json
2020-05-08 17:42 - 2020-02-20 18:34 - 000000703 _____ C:\Windows\system32\amd-vulkan64.json
2020-05-08 17:42 - 2019-11-29 22:03 - 000356992 _____ C:\Windows\system32\ativvaxy_rv.dat
2020-05-08 17:42 - 2019-10-28 16:52 - 000281101 _____ C:\Windows\system32\amdefctb.dat
2020-05-08 17:42 - 2019-10-25 20:23 - 000375968 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2020-05-08 17:42 - 2019-10-18 15:56 - 000278560 _____ C:\Windows\system32\ativvaxy_stn_nd.dat
2020-05-08 17:42 - 2019-10-18 15:56 - 000272928 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2020-05-08 17:42 - 2019-10-17 21:30 - 000383264 _____ C:\Windows\system32\ativvaxy_vg20_nd.dat
2020-05-08 17:42 - 2019-10-17 20:52 - 000380448 _____ C:\Windows\system32\ativvaxy_gl_nd.dat
2020-05-08 17:42 - 2019-08-19 20:06 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2020-05-08 17:42 - 2019-07-24 07:53 - 000113288 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2020-05-08 17:42 - 2019-07-24 07:53 - 000105376 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2020-05-08 17:42 - 2019-07-16 21:58 - 000069770 _____ C:\Windows\system32\AMDKernelEvents.man
2020-05-08 17:42 - 2019-06-27 15:56 - 000173344 _____ C:\Windows\system32\amde40a.dat
2020-05-08 17:42 - 2019-06-21 20:44 - 000268244 _____ C:\Windows\system32\ativvaxy_FJ.dat
2020-05-08 17:42 - 2019-06-21 20:44 - 000267984 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2020-05-08 17:42 - 2019-02-26 00:15 - 000166624 _____ C:\Windows\system32\amde34b.dat
2020-05-08 17:42 - 2019-02-26 00:14 - 000166624 _____ C:\Windows\system32\amde34a.dat
2020-05-08 17:42 - 2019-02-12 19:49 - 000324928 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2020-05-08 17:42 - 2019-02-12 19:48 - 000325188 _____ C:\Windows\system32\ativvaxy_vi.dat
2020-05-08 17:42 - 2019-02-12 19:47 - 000234676 _____ C:\Windows\system32\ativvaxy_cik.dat
2020-05-08 17:42 - 2019-02-12 19:47 - 000234416 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2020-05-08 17:39 - 2020-05-08 17:39 - 040550000 _____ (AMD Inc.) C:\Users\syslao\Downloads\radeon-software-adrenalin-2020-20.4.2-minimalsetup-200423_64bit.exe
2020-05-08 17:39 - 2020-05-08 17:39 - 000000000 ____D C:\ProgramData\AMD
2020-05-08 16:55 - 2020-05-08 19:07 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2020-05-08 11:57 - 2020-05-08 11:57 - 004510099 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2020-04-29 12:34 - 2020-04-29 12:34 - 000160935 _____ C:\Users\syslao\Downloads\[SkT]Assassin's_Creed__Odyssey_(2018)(CZ) (1).torrent
2020-04-29 12:29 - 2020-04-29 12:29 - 000160935 _____ C:\Users\syslao\Downloads\[SkT]Assassin's_Creed__Odyssey_(2018)(CZ).torrent
2020-04-29 12:19 - 2020-04-29 12:19 - 005131140 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_Odyssey_v_1_0_6_2018_CZ_.torrent
2020-04-27 15:43 - 2020-04-27 15:43 - 000057449 _____ C:\Windows\system32\NOTICE_mod
2020-04-27 14:25 - 2020-04-27 14:25 - 000000000 ____D C:\Users\syslao\AppData\Local\Setup Integrity Check
2020-04-22 18:33 - 2020-04-22 18:33 - 000064727 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_Freedom_Cry_DLC_2013_CZ_EN_.torrent
2020-04-22 12:13 - 2020-04-22 12:13 - 000015516 _____ C:\Users\syslao\Downloads\[CzT]Dcera_carodejky_Hadi_dar_Skammerens_datter_II_Slangens_gave_2019_CZ_.torrent
2020-04-22 12:11 - 2020-04-22 12:11 - 000016074 _____ C:\Users\syslao\Downloads\[CzT]Snezny_kluk_Abominable_2019_CZ_.torrent
2020-04-22 12:10 - 2020-04-22 12:10 - 000016939 _____ C:\Users\syslao\Downloads\[CzT]Jezek_Sonic_Sonic_the_Hedgehog_2020_CZ_WebRip_.torrent
2020-04-22 09:50 - 2020-04-22 09:50 - 000012122 _____ C:\Users\syslao\Downloads\[SkT]Zrcadleni_tmy_(2020)(CZ)[WebRip][720p]_=_CSFD_70%.torrent
2020-04-17 20:32 - 2020-04-17 20:32 - 000000000 ____D C:\ProgramData\Ubisoft
2020-04-17 18:18 - 2020-04-17 18:18 - 000014108 _____ C:\Users\syslao\Downloads\[CzT]Assassin_s_Creed_II_Assassin_s_Creed_2_CZ_v1_01_.torrent
2020-04-16 16:42 - 2020-04-16 16:43 - 000000000 ____D C:\Users\syslao\Documents\Witcher 2
2020-04-16 16:42 - 2020-04-16 16:42 - 000000000 ____D C:\Users\syslao\AppData\Local\The Witcher 2
2020-04-16 16:09 - 2020-04-17 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 (CZ)
2020-04-16 14:35 - 2020-04-16 14:35 - 000039618 _____ C:\Users\syslao\Downloads\[CzT]Zaklinac_2_Vrahove_Kralu_Rozsirena_Edice_The_Witcher_2_Assassins_of_Kings_Enchanced_Edition_CZ_.torrent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-15 22:51 - 2009-07-14 06:45 - 000020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-15 22:51 - 2009-07-14 06:45 - 000020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-15 22:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-15 22:32 - 2017-11-18 20:36 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-05-15 21:55 - 2017-12-30 15:45 - 000000000 ____D C:\games
2020-05-15 21:39 - 2019-03-04 22:39 - 000000000 ____D C:\Users\syslao\Downloads\Paint Shop Pro 7.0
2020-05-15 20:29 - 2017-11-18 19:57 - 000000000 ____D C:\Users\syslao\AppData\Roaming\uTorrent
2020-05-15 19:42 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-05-08 20:39 - 2019-06-14 19:34 - 000000000 ____D C:\Users\syslao\Documents\My Games
2020-05-08 18:11 - 2019-02-26 18:24 - 000000000 ____D C:\Users\syslao\AppData\Local\AMD
2020-05-08 17:50 - 2019-02-26 18:05 - 000003146 _____ C:\Windows\system32\Tasks\StartCN
2020-05-08 17:50 - 2019-02-26 18:05 - 000003066 _____ C:\Windows\system32\Tasks\StartDVR
2020-05-08 17:50 - 2017-11-18 20:10 - 000000000 ____D C:\Program Files\AMD
2020-05-08 17:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-05-08 17:39 - 2019-02-25 22:28 - 000000000 ____D C:\AMD
2020-05-08 11:50 - 2017-11-18 15:14 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 22:38 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-04-29 12:18 - 2020-04-04 14:16 - 000000000 ____D C:\Program Files (x86)\Batman Arkham Knight
2020-04-27 15:43 - 2017-08-27 12:07 - 000113336 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2020-04-27 15:43 - 2017-08-10 17:49 - 000189232 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2020-04-27 15:43 - 2017-08-10 17:49 - 000149144 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2020-04-27 14:22 - 2019-12-22 22:01 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-04-21 23:02 - 2019-02-20 22:35 - 026035128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2020-04-21 23:02 - 2019-02-20 22:35 - 001919600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2020-04-21 22:52 - 2019-02-20 22:39 - 049841848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2020-04-21 22:47 - 2019-02-21 01:53 - 000211464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2020-04-21 22:47 - 2019-02-21 01:52 - 000232632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2020-04-21 22:47 - 2019-02-21 01:52 - 000161464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2020-04-21 22:46 - 2019-02-21 01:52 - 001721528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2020-04-17 20:32 - 2019-06-22 12:51 - 000000000 ____D C:\Users\syslao\AppData\Roaming\Ubisoft
2020-04-17 20:09 - 2019-12-25 12:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-16 15:47 - 2019-04-02 17:57 - 000000000 ____D C:\Users\syslao\AppData\Local\ElevatedDiagnostics
2020-04-16 14:36 - 2020-04-03 19:14 - 000000000 ____D C:\Program Files (x86)\Call of Duty 4 - Modern Warfare
==================== Files in the root of some directories ========
2019-12-05 22:15 - 2019-12-05 22:15 - 000000000 _____ () C:\Users\syslao\AppData\Local\oobelibMkey.log
2019-11-23 23:39 - 2019-12-08 15:21 - 000007607 _____ () C:\Users\syslao\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
ATTENTION: ==> Could not access BCD. -> 0
LastRegBack: 2020-05-07 20:57
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by syslao (15-05-2020 22:59:47)
Running from C:\Users\syslao\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-11-18 13:10:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2223748271-3078650066-3298653764-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2223748271-3078650066-3298653764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2223748271-3078650066-3298653764-1002 - Limited - Enabled)
syslao (S-1-5-21-2223748271-3078650066-3298653764-1001 - Administrator - Enabled) => C:\Users\syslao
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ACP Application (HKLM\...\{6F0FE248-D39D-4150-918F-E76C9E9F5943}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{148D9D03-5D23-4D4F-B5D0-BA6030C45DCF}) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Creative Audio Console (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{179752EE-BE61-41C4-909A-D4AAC9CF23FD}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Java(TM) 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paint Shop Pro 7 Evaluation (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Rocksmith 2014 (HKLM-x32\...\Rocksmith 20141.3) (Version: 1.3 - Ubisoft)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Sims 4 v.1.58.63.1010 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version: - Microsoft)
Vita 2 common (HKLM\...\{C7B5259E-11DC-4B21-BBDD-DDAAA88C1F36}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana Antimalware v.3.1.395 CZ_SK (HKLM-x32\...\Zemana Antimalware v.3.1.395 CZ_SK) (Version: v.3.1.395 CZ_SK - Libbi)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
==================== Loaded Modules (Whitelisted) =============
2020-03-02 18:11 - 2020-03-02 18:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-02-08 13:38 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-04-21 16:43 - 2020-04-21 16:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-02 18:11 - 2020-03-02 18:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-21 16:43 - 2020-04-21 16:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-11-22 23:19 - 000001094 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-2223748271-3078650066-3298653764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\syslao\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2223748271-3078650066-3298653764-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05152020224329446\Control Panel\Desktop\\Wallpaper -> C:\Users\sysel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdvancedSystemCareService13 => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CTHelper => CTHELPER.EXE
MSCONFIG\startupreg: GoogleChromeAutoLaunch_7F0F7518B55C87D0C1D924D7FA29EBC0 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: MalTray => D:\Stahování\Glarysoft Malware Hunter PRO v.1.97.0.686_Portable cz sk\App\GlarysoftMalwareHunter\mhtray.exe /autorun
MSCONFIG\startupreg: mncxbiumpSrv => C:\Windows\inf\mncxbiump.vbe
MSCONFIG\startupreg: MSStp => C:\Windows\system32\msstp.vbe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{22C61BCF-B1BD-48A2-A199-B61989592536}C:\users\syslao\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\syslao\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{CE4476D5-5202-45E1-89D8-C9446BA7EE0C}C:\users\syslao\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\syslao\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{87A62855-6AB6-42C0-97B2-305425A912FB}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00D7EEC8-49FF-40A0-ABBA-06E2E8CA9450}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF169246-6BE8-47D6-96BA-90117E88E6DE}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{149B3D29-0255-4AE6-9BE4-9DD0B3ED9CE4}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE16CCC1-7084-4EA2-9E30-304355FC55AC}] => (Allow) C:\Users\syslao\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{37C80491-5AB1-4A75-A3B8-6CF017ABD43C}] => (Allow) C:\Users\syslao\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{E231FF84-A57E-4E39-8DBF-53871FF4EC79}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{C541991F-890E-46CF-824E-7C5EE04B0885}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{62B0A97E-C384-40A4-90E0-50CE74D4636C}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{855F70E3-7185-46FD-B67D-E24C36F3C59E}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D3E1D566-8DEF-4E45-9782-8D5B6C6165B5}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{07EE83C4-6112-4CBC-B247-B8149C56F742}] => (Allow) C:\Users\syslao\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{0E80910A-6E7C-40AA-B68A-C13A2DB10FB4}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [UDP Query User{3CD674CC-DFB7-41A0-BD43-ADF113F8D88A}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe => No File
FirewallRules: [TCP Query User{2CB67BD9-BF4F-4197-8E91-FD736EE42FC1}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{18E8F5B3-8156-4F34-9CA2-60FCFC06F301}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Block) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe => No File
FirewallRules: [TCP Query User{35FAC8C1-90A9-4704-A4BD-6935C3ACE253}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe => No File
FirewallRules: [UDP Query User{79E3267A-126A-4D72-BC11-05879D49407B}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe => No File
FirewallRules: [{D6AF88CF-3110-4F5D-B787-31B9FD338D69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: AMD Log Utility Driver
Description: AMD Log Utility Driver
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/15/2020 09:55:50 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\syslao\AppData\Local\Temp\{916E96DD-B44C-4E1F-A314-0B4089733F2C}\setup.exe -runfromtemp -l0x0409 -removeonly -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\" -tempdisk1folder:"C:\Users\syslao\AppData\Local\Temp\{916E96DD-B44C-4E1F-A314-0B4089733F2C}\"; Popis = Removed Ubisoft Game Launcher; Chyba = 0x8007043c).
Error: (05/15/2020 07:17:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program TS4_x64.exe verze 1.58.63.1010 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 108c
Čas spuštění: 01d62adc14b911ee
Čas ukončení: 15
Cesta k aplikaci: C:\games\The Sims 4\Game\Bin\TS4_x64.exe
ID hlášení:
Error: (05/15/2020 06:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SDFiles.exe, verze: 1.6.1.7, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23391, časové razítko: 0x56e9a73c
Kód výjimky: 0x0eedfade
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0xaac
Čas spuštění chybující aplikace: 0x01d62ad927abe2e7
Cesta k chybující aplikaci: C:\Users\syslao\Desktop\SpyBot Search & Destroy 1.6.2.46 DC 13.01.2016 Portable\SDFiles.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 65b65640-96cc-11ea-9239-001d7d9f8c74
Error: (05/15/2020 06:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SDFiles.exe, verze: 1.6.1.7, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23391, časové razítko: 0x56e9a73c
Kód výjimky: 0x0eedfade
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x12b4
Čas spuštění chybující aplikace: 0x01d62ad6421891c5
Cesta k chybující aplikaci: C:\Users\syslao\Desktop\SpyBot Search & Destroy 1.6.2.46 DC 13.01.2016 Portable\SDFiles.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 801940fa-96c9-11ea-9239-001d7d9f8c74
Error: (05/15/2020 06:01:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/14/2020 05:37:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/13/2020 06:29:12 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/11/2020 06:45:44 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (05/15/2020 10:50:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (05/15/2020 10:50:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Peer Name Resolution Protocol byla ukončena s následující chybou:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Peer Networking Grouping závisí na službě Peer Name Resolution Protocol, která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Peer Name Resolution Protocol byla ukončena s následující chybou:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Peer Networking Grouping závisí na službě Peer Name Resolution Protocol, která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535
Error: (05/15/2020 10:45:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
Error: (05/15/2020 10:45:36 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F14 06/18/2009
Motherboard: Gigabyte Technology Co., Ltd. P35-DS3
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 7166.49 MB
Available physical RAM: 3246.75 MB
Total Virtual: 14331.17 MB
Available Virtual: 8942.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:105.24 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.88 GB) (Free:91.1 GB) NTFS
Drive e: (SnowRunner) (CDROM) (Total:10.39 GB) (Free:0 GB) UDF
\\?\Volume{dc012002-cc5c-11e7-b570-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 8E71E94C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 081E081D)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================