Frequent CAPTCHA on Google

Posted: 24 Mar 2021 16:50
by dokturek11
Hello,

please check my log; I get a CAPTCHA on Google fairly often. It has been happening since I changed my provider. If the log is clean, is it possible that the problem is on the provider's side?

Thank you very much in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Dokto (administrator) on DESKTOP-8VEH03A (Micro-Star International Co., Ltd. MS-7A34) (24-03-2021 16:36:18)
Running from C:\Users\Dokto\Desktop
Loaded Profiles: Dokto
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361132.inf_amd64_4863ccf4c1b997c9\B361196\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361132.inf_amd64_4863ccf4c1b997c9\B361196\atiesrxx.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\Dokto\AppData\Local\Temp\D1E3D964-C264-4066-9221-C7B22C4A7D1D\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [Spotify] => C:\Users\Dokto\AppData\Roaming\Spotify\Spotify.exe [23854664 2021-03-07] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-22] (Valve -> Valve Corporation)
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14858824 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [22528 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {276429B0-1ACA-4062-BD2D-AA301FC4F27D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {293D9119-8039-47AB-B87F-F0539FAC3ECA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D583726-A3C5-4232-985D-4AEB9CC33237} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-11] (Mozilla Corporation -> Mozilla Foundation)
Task: {406BC582-F784-4C06-9EA7-0AFB0AA635CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5025CC05-6455-431B-BA3E-73D936AB7E12} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AC41905-847E-455E-9140-C90565B06033} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Dokto\Downloads\esetonlinescanner.exe
Task: {71ECD561-04C8-4897-857E-BA2CDB715F5C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ED35008-25AC-4F4F-AADB-C14E749C5EBE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {91A94C7F-8D88-43B3-A0E6-7E4A549E80C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {952BEB20-C16B-4B0A-A918-2CDA830A127B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D627187-86A3-41EA-9DF7-BDA772EA48CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301B49F-8655-40B1-A33A-3ABEC8FC1134} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
Task: {A5C55EC2-2B22-4BF9-9E70-3931E37C0FCA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3992E27-7B71-4868-8666-EF5752153BCD} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B3A35E74-8176-4B9C-B57A-DF287B448D70} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B5B0C1D0-7389-44E1-A6C1-C26BFA6C6C74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {B76CDDA3-4834-4E0E-8CA2-53BFFCEBEF3E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114024 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF2AD1DF-3232-47F4-BE5A-1B6DE120D50F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9209616-26C5-4B37-99F6-116C17F275B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FAA768A5-B72D-4D24-BA93-95B13B01030D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Dokto\Downloads\esetonlinescanner.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{934935fc-0540-40c2-98ae-a7d8324a94ed}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Dokto\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> hxxp://seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dokto\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-24]
Edge DownloadDir: C:\Users\Dokto\Downloads
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF DefaultProfile: 6l5q1hez.default
FF ProfilePath: C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\6l5q1hez.default [2020-01-25]
FF ProfilePath: C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release [2021-03-24]
FF Homepage: Mozilla\Firefox\Profiles\pgoa3yck.default-release -> hxxps://www.seznam.cz/
FF Extension: (I don't care about cookies) - C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-03-08]
FF Extension: (uBlock Origin) - C:\Users\Dokto\AppData\Roaming\Mozilla\Firefox\Profiles\pgoa3yck.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-11]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-30] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-18] (GOG Sp. z o.o. -> GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2522424 2020-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476800 2020-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-24 16:36 - 2021-03-24 16:36 - 000016159 _____ C:\Users\Dokto\Desktop\FRST.txt
2021-03-24 16:35 - 2021-03-24 16:36 - 000000000 ____D C:\FRST
2021-03-24 16:34 - 2021-03-24 16:34 - 002300928 _____ (Farbar) C:\Users\Dokto\Desktop\FRST64.exe
2021-03-20 20:54 - 2021-03-20 20:54 - 002669441 _____ C:\Users\Dokto\Downloads\67b8619b-b04a-4dbd-9ffe-600e82d880ef.pdf
2021-03-19 20:33 - 2021-03-19 20:33 - 000082444 _____ C:\Users\Dokto\Downloads\receipt.pdf
2021-03-12 08:21 - 2021-03-12 08:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 08:21 - 2021-03-12 08:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 08:21 - 2021-03-12 08:21 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 08:21 - 2021-03-12 08:21 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 08:21 - 2021-03-12 08:21 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 08:21 - 2021-03-12 08:21 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-12 08:21 - 2021-03-12 08:21 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 08:20 - 2021-03-12 08:20 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 08:20 - 2021-03-12 08:20 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 08:20 - 2021-03-12 08:20 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 08:20 - 2021-03-12 08:20 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 08:20 - 2021-03-12 08:20 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 08:14 - 2021-03-12 08:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-11 21:52 - 2021-03-12 08:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-07 13:31 - 2021-03-07 13:31 - 000000027 _____ C:\Users\Dokto\Documents\Telefon prace.txt
2021-02-23 17:35 - 2021-02-23 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein - The Old Blood [GOG.com]
2021-02-22 19:25 - 2021-02-22 19:25 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\A Plague Tale Innocence

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-24 16:36 - 2020-01-25 23:40 - 000000000 ____D C:\Users\Dokto\AppData\LocalLow\Mozilla
2021-03-24 16:36 - 2020-01-25 23:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-24 16:33 - 2020-01-25 22:52 - 000000000 ____D C:\Users\Dokto\AppData\Local\D3DSCache
2021-03-24 16:30 - 2020-01-25 23:43 - 000000000 ____D C:\Users\Dokto\AppData\Local\Battle.net
2021-03-24 16:28 - 2020-12-20 15:10 - 000000000 ____D C:\Users\Dokto\AppData\Local\AMD_Common
2021-03-24 16:04 - 2020-11-11 16:40 - 000002172 _____ C:\Users\Dokto\Desktop\CurseForge.lnk
2021-03-24 16:04 - 2020-11-11 16:37 - 000000000 ____D C:\Users\Dokto\AppData\Local\Overwolf
2021-03-24 16:03 - 2020-07-18 11:39 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-03-24 16:03 - 2020-07-18 11:39 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-03-24 16:03 - 2020-07-18 11:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-24 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-24 15:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-24 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-24 04:51 - 2020-12-20 18:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-23 16:59 - 2020-01-25 23:34 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-23 16:56 - 2020-01-25 23:29 - 000000000 ____D C:\Users\Dokto\AppData\Local\Spotify
2021-03-23 16:40 - 2020-01-25 23:28 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\Spotify
2021-03-21 15:06 - 2020-01-25 23:32 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\Discord
2021-03-20 17:04 - 2020-06-08 03:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-19 17:11 - 2020-01-25 23:52 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\vlc
2021-03-19 15:15 - 2020-01-26 07:47 - 000000000 ____D C:\World of Warcraft
2021-03-19 15:14 - 2020-01-25 23:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-03-17 17:42 - 2020-01-25 23:24 - 000000000 ____D C:\Users\Dokto\AppData\Roaming\KeePass
2021-03-16 09:32 - 2020-01-25 21:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 23:26 - 2020-07-18 11:39 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2588642571-1065584595-175318307-1001
2021-03-15 23:26 - 2020-07-18 11:21 - 000002361 _____ C:\Users\Dokto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 23:26 - 2020-01-25 22:46 - 000000000 ___RD C:\Users\Dokto\OneDrive
2021-03-12 15:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-12 12:25 - 2020-01-25 23:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 08:48 - 2020-07-18 11:43 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-12 08:48 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-12 08:48 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-12 08:40 - 2020-07-18 11:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-12 08:40 - 2020-07-18 11:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-12 08:40 - 2020-01-25 22:52 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-03-12 08:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 08:39 - 2020-07-18 11:21 - 000000000 ____D C:\Users\Dokto
2021-03-12 08:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 08:26 - 2020-07-18 11:36 - 000643456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 08:26 - 2020-01-25 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-12 08:25 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-12 08:25 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 08:15 - 2020-01-25 22:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 08:14 - 2020-01-25 23:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-12 08:13 - 2020-01-25 22:58 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 13:35 - 2020-01-25 22:52 - 000000000 ____D C:\Program Files\AMD
2021-03-07 10:06 - 2020-11-11 16:40 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-03-07 01:14 - 2020-01-25 22:44 - 000000000 ____D C:\Users\Dokto\AppData\Local\Packages
2021-03-06 14:48 - 2020-01-25 22:47 - 000000000 ____D C:\Users\Dokto\AppData\Local\PlaceholderTileLogoFolder
2021-03-06 12:19 - 2020-01-25 23:49 - 000002346 _____ C:\ProgramData\Desktop\Samsung Printer Diagnostics.lnk
2021-03-06 12:19 - 2020-01-25 23:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2021-03-06 12:19 - 2020-01-25 23:49 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2021-03-05 09:00 - 2020-07-18 11:39 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 09:00 - 2020-07-18 11:39 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-02 18:07 - 2020-07-04 07:59 - 000000000 ____D C:\Users\Dokto\AppData\Local\Ubisoft Game Launcher
2021-03-01 17:18 - 2020-01-25 23:23 - 000013070 _____ C:\Users\Dokto\Documents\Doktor.kdbx
2021-02-22 20:06 - 2020-01-26 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Plague Tale - Innocence [GOG.com]
2021-02-22 17:32 - 2020-09-07 15:28 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2021-02-22 17:32 - 2020-09-07 15:28 - 000001104 _____ C:\ProgramData\Desktop\paint.net.lnk
2021-02-22 17:32 - 2020-09-07 15:28 - 000000000 ____D C:\Program Files\paint.net

==================== Files in the root of some directories ========

2020-07-04 20:07 - 2020-07-04 20:08 - 000007608 _____ () C:\Users\Dokto\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Dokto (24-03-2021 16:37:17)
Running from C:\Users\Dokto\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2020-07-18 10:39:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2588642571-1065584595-175318307-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2588642571-1065584595-175318307-503 - Limited - Disabled)
Dokto (S-1-5-21-2588642571-1065584595-175318307-1001 - Administrator - Enabled) => C:\Users\Dokto
Guest (S-1-5-21-2588642571-1065584595-175318307-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2588642571-1065584595-175318307-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Plague Tale: Innocence - Coats of Arms (HKLM-x32\...\1223727318_is1) (Version: 1.07 - GOG.com)
A Plague Tale: Innocence (HKLM-x32\...\1901367087_is1) (Version: 1.07 - GOG.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.7438 - Autodesk, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blasphemous (HKLM-x32\...\2068474256_is1) (Version: 3.0.32a - GOG.com)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CurseForge (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.170.1.2 - Overwolf app)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Firewatch (HKLM-x32\...\1459256379_is1) (Version: 1.09 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Hollow Knight (HKLM-x32\...\1308320804_is1) (Version: 1.4.3.2 - GOG.com)
KeePass Password Safe 2.47 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.47 - Dominik Reichl)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20360 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.88.45577 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.166.1.16 - Overwolf Ltd.)
paint.net (HKLM\...\{6FED3D93-C0FA-4BD7-A36F-7FC53698244F}) (Version: 4.2.15 - dotPDN LLC)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
Python 3.8.1 (64-bit) (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\{edfa99b7-1514-493a-aeaf-a37eeec724d2}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Add to Path (64-bit) (HKLM\...\{63F5D8C4-D931-4B71-8B2D-FAAC7A862CC7}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Core Interpreter (64-bit) (HKLM\...\{F94E2016-28A6-4FCC-B5A1-D2D9757AF26A}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (64-bit) (HKLM\...\{913F572C-BF38-4E44-9065-7E1B024D43FB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (64-bit) (HKLM\...\{3FE61A1E-16AE-4702-81A6-C9F6CE3586EB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (64-bit) (HKLM\...\{D6160A7A-D48F-48A6-8E5D-FECBE5901D82}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (64-bit) (HKLM\...\{912206BD-EA52-4586-8A89-BD7716E5BD50}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (64-bit) (HKLM\...\{7E83F4DD-B376-4158-90C3-4E9AE54D0AB3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (64-bit) (HKLM\...\{96BBA29C-F949-4DF7-9221-EEE7F7D66377}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (64-bit) (HKLM\...\{64A5FC80-95DB-4CA0-AA8A-C4D652BBC96E}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (64-bit) (HKLM\...\{F0D5C7E7-4ECE-425F-BD33-8091DB57A31F}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8619 - Realtek Semiconductor Corp.)
RSI Launcher 1.4.6 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.6 - Cloud Imperium Games)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27.02 (14.06.2019) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\Spotify) (Version: 1.1.54.592.gc0b20638 - Spotify AB)
STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.8.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 111.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{8BA11E80-4FB0-11E7-9B6D-A9EF5249FCEF}) (Version: 14.0.270 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wolfenstein: The Old Blood (HKLM-x32\...\1961572821_is1) (Version: 1.0 - GOG.com)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-28] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-01-25] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2588642571-1065584595-175318307-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Dokto\AppData\Local\Autodesk\webdeploy\production\f22942efe2b06fa9ddd3dbfac8de50bab0281b28\NPreview10.dll (Autodesk, Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-01-12] (Notepad++ -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-27 14:14 - 2020-07-27 14:14 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2020-11-13 14:48 - 2020-11-13 14:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-01-25 23:35 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-07-26 11:57 - 2016-07-26 11:57 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000058880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 14:14 - 2020-07-27 14:14 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 14:15 - 2020-07-27 14:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-13 15:00 - 2020-11-13 15:00 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2588642571-1065584595-175318307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
SearchScopes: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> DefaultScope {98CED06F-8CC2-4DC8-882D-F26BB97DC66B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2588642571-1065584595-175318307-1001 -> {98CED06F-8CC2-4DC8-882D-F26BB97DC66B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-03-07 19:33 - 2020-06-29 17:39 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2588642571-1065584595-175318307-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dokto\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\9pczjoa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2588642571-1065584595-175318307-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E5B67D0B-69A1-46C7-BBB9-BB07475EFF27}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{171A6A34-7E52-44EF-AA6D-EBA2B42C3AA7}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2CE0865F-A8D7-40BE-AD3E-812ABB21F577}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E6331482-D5D8-44F1-BDC4-91A53D92E5A9}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{70EF78DE-6860-4259-AE71-DC4F44BAF507}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{51F758A4-B39D-4082-BA3E-85E2DAE59667}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C37A9E93-9A5D-4D8A-B2EA-D4FC6A15C46C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9DCAC822-4164-4FA5-BE47-90AC423C28E5}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{F6D90F0B-30E0-4206-863F-BA596B3F6D53}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [{D21254DE-0371-4D91-9910-152AE11F3B33}] => (Allow) D:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{32B66BCA-6E87-4363-A6E5-DA04B05FF025}] => (Allow) D:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [UDP Query User{DF22C68E-C94D-4444-BD46-1B01265EAA19}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{435804AC-1C02-4147-9C7B-1149203C0563}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DCA70FAB-0C84-4FD5-ABC3-775C7E59DB29}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{299283BC-B693-4210-8E39-8D675FD2BE40}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{DBFB00E5-2136-4E82-8C4E-14D0F6240570}C:\users\dokto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dokto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{4113266B-0622-46B4-978B-92889CDB72F7}C:\users\dokto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dokto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B051295-08E8-4174-A0CB-0108B37CE736}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{04E16DDC-6CB5-4498-8267-40BB48B40CF8}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5E856E0C-F571-4E77-A263-2BED286C148B}] => (Allow) D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{5705E3FF-6D58-4713-91CB-296F879767E2}] => (Allow) D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3EBE27F2-1CA2-4351-95DA-9F35C512B53F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{FD0EA03F-023B-4B51-8F59-CB5B124CE6FD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{B2BC0F57-C670-4AAC-AF60-65441FF4FE21}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{54A3ADDC-5748-4092-BE10-529CEC97C62A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D1AAD17A-A135-4BB5-AEB1-E3EB163B5423}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{DAA984E2-DDFF-4807-81D1-83551D852E0E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{E04911B9-D1CE-417D-B88F-78248AA06DAD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{5760B679-74CE-4374-A826-92F9429D3188}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{A056181F-CCA6-4A31-81AB-4BEC8DD077A3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{B94719B8-B661-4689-93EF-70B18826A77D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{C3036939-7F2A-4EAF-AE67-AFB9106FF58C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{89B9F6A2-04A4-46CC-A2BF-54E9F25C310C}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D6A98E96-097A-4509-B976-C14F829EB046}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E63415E9-ABA3-4B88-8B64-05468F5DCBB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F84F9612-2AB1-4DD0-96BD-784F566D747B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6327687-319D-4D78-99A1-F7D7BE973610}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{38BBDAD6-2515-4582-8E1E-33ECE31D60A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8A1D30D-9D48-4139-B6C7-FDB04D26FD8C}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{9354614D-4F78-4554-B4FA-249B4265850C}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{70F63B6A-6410-4022-8A36-F6A696B8B1A7}E:\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [UDP Query User{F0EE40E5-CB46-4A2F-86F8-B434C2AD270D}E:\starcitizen\live\bin64\starcitizen.exe] => (Allow) E:\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [File not signed]
FirewallRules: [TCP Query User{DFD2FDEA-07E5-4C5F-8B8B-3CE9B2F1B38A}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{61950A7A-BFC5-43F2-BC0D-EC1E71443220}C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D2D04A53-821C-43ED-B8EA-6E6B3E66F358}D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [UDP Query User{2A7B37C8-8D50-46D1-BE0F-A531EF83D732}D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steamlibrary\steamapps\common\awayout\haze1\binaries\win64\awayout.exe (Hazelight Studios AB -> Hazelight Studios AB)
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [{1738B9A2-C13B-44F3-A918-2C88B6431B7B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{973944B1-92FE-4E11-B35E-E3EBDDBC0E94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8C643A8-BFD3-495D-A536-5CD3268AD587}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0465CCD-2713-433D-86B1-D060D45D8F97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9C78C41-4EC6-4FE1-AAD4-B41A9AF8B790}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3288B210-A473-416A-BE18-2EECB09AA8C6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632498E1-453E-44AE-9588-DE95EB7A81BF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D68067CB-4184-46F6-99A7-2E6D244B0309}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{8DE695CB-E563-41FD-8EF8-558D5811F06E}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{30EA4FBD-9D85-4A3D-9B32-98C8D8B3DCCC}D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe => No File
FirewallRules: [UDP Query User{30BDE183-AFED-4C5A-B311-D5ABBC2472C7}D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\marie's room\mariesroom\binaries\win64\mariesroom-win64-shipping.exe => No File
FirewallRules: [{DF9005BD-C873-4CDD-A247-8153F4E0A739}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{5DDD9605-B7FE-44F4-8C36-7CC01B439C1B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{83A72F87-8681-4F85-9961-E3D5DB95B3B6}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{34BCA1A2-9FDD-4F3E-9177-FD2DD1AB8967}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{430856FC-A91D-4137-9C14-FABAF6CB776D}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FB7A3731-BED0-4DCF-82B3-609BD4F77A59}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

==================== Restore Points =========================

12-03-2021 08:15:33 Instalační služba modulů systému Windows
20-03-2021 18:15:35 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2021 05:04:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/20/2021 06:26:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RadeonSoftware.exe verze 10.1.2.1829 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1f24

Čas spuštění: 01d71d855a1e6c96

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe

ID hlášení: c5d25971-4b24-46cd-9675-0d036202b719

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/14/2021 05:25:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/12/2021 08:40:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/12/2021 08:40:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/08/2021 11:17:42 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/07/2021 03:51:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/07/2021 01:47:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LIS2-Win64-Shipping.exe, verze: 4.16.3.0, časové razítko: 0x5e453216
Název chybujícího modulu: LIS2-Win64-Shipping.exe, verze: 4.16.3.0, časové razítko: 0x5e453216
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000be454c0
ID chybujícího procesu: 0x1488
Čas spuštění chybující aplikace: 0x01d713501562fa53
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
ID zprávy: 08850a96-d5cd-4240-8933-dcb3755f8f0a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/24/2021 05:01:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/23/2021 04:59:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/23/2021 03:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/23/2021 03:21:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (03/23/2021 05:02:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/19/2021 09:55:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/19/2021 05:23:14 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8VEH03A)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2021 08:37:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:26:31, ‎12.‎03.‎2021) bylo neočekávané.


Windows Defender:
================
Date: 2021-03-24 16:30:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EDCFF4CB-3FBB-468A-8D52-422CE13A0728}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-8VEH03A\Dokto

Date: 2021-03-24 15:05:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE89AB44-85A0-4A72-A6FB-9260AC948AD5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-22 15:05:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF53F7FE-0581-4FA0-AE25-61A43E49710E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-21 11:13:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {86050F16-3C50-4DE2-AFFC-BDECEAB3CB31}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-20 18:12:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1A6404E1-69DA-4809-B7ED-4F3796029770}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-03-24 16:04:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.166.1.16\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-21 13:52:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Dokto\AppData\Local\Discord\app-0.0.309\Discord.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.166.1.16\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.OQ 11/15/2019
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 16338.08 MB
Available physical RAM: 11702.98 MB
Total Virtual: 19410.08 MB
Available Virtual: 10764.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.25 GB) (Free:81.49 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.01 GB) (Free:910.04 GB) NTFS
Drive e: () (Fixed) (Total:111.79 GB) (Free:46.84 GB) NTFS

\\?\Volume{2b4692ee-1c57-4af2-87b1-db38ad4a04a5}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{28f7ecb2-cc09-4274-a305-e93506145468}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 762551BC)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0FC0AF67)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E0611246)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Frequent CAPTCHA on Google

Posted: 24 Mar 2021 17:53
by Rudy
Hello!
The problem may be on any workstation in your provider's network. Google sees only your provider's IP address, not your own address within that network. The problem usually goes away on its own within a few days. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Frequent CAPTCHA on Google

Posted: 25 Mar 2021 15:18
by dokturek11
Ah, good to know. Thanks

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1633 octets] - [25/03/2021 15:15:13]
AdwCleaner[S01].txt - [1694 octets] - [25/03/2021 15:16:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Frequent CAPTCHA on Google

Posted: 25 Mar 2021 16:02
by Rudy
This is OK. Only some harmless Samsung utilities were deleted. Open Notepad and copy the following into it:
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When the operation finishes, a log will appear; copy it here.

Re: Frequent CAPTCHA on Google

Posted: 25 Mar 2021 18:34
by dokturek11
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Dokto (25-03-2021 18:30:44) Run:1
Running from C:\Users\Dokto\Desktop
Loaded Profiles: Dokto
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
FirewallRules: [UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe] => (Allow) D:\gog.com\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe => No File
FirewallRules: [{338722F4-7199-44FF-9EDE-35DE641AD155}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{18FD11A4-9C64-4634-B351-39CC60238CBC}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [{8491FE69-A559-4F5A-9093-CEEB9AA9717B}] => (Allow) D:\SteamLibrary\steamapps\common\Factorio Demo\bin\x64\factorio.exe => No File
FirewallRules: [TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe] => (Allow) D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe => No File
FirewallRules: [TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File
FirewallRules: [UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe] => (Block) C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFDD18B5-277A-437A-8512-CC7451CFACA9}D:\gog.com\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1E8FD99B-C911-48D5-B5CD-F4D7AAA1B6FD}D:\gog.com\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E9681249-7BC7-4AC2-9DED-1AA4B5848B44}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{332F78C1-1178-493D-A62E-1F7952E7BB18}C:\program files (x86)\fahclient\fahclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{338722F4-7199-44FF-9EDE-35DE641AD155}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25736A64-8B2C-4F2B-BEC1-18A91ACD052A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18FD11A4-9C64-4634-B351-39CC60238CBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8491FE69-A559-4F5A-9093-CEEB9AA9717B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46270CCF-5CF9-4945-9110-696CBD9A33B3}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA49E627-9E03-4E33-991F-55DD704CCFDE}D:\gog.com\spongebob squarepants battle for bikini bottom - rehydrated\pineapple\binaries\win64\pineapple-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{18CCA197-2E47-4E04-B872-C032DF350D25}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1E222D36-FAE0-4DB2-9129-35B0028A07A3}C:\program files (x86)\patriot viper gaming mouse\patriot viper mouse.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19131325 B
Java, Flash, Steam htmlcache => 637675341 B
Windows/system/drivers => 20357340 B
Edge => 1125244 B
Firefox => 1462951322 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 523036 B
Dokto => 88935696 B

RecycleBin => 0 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:31:20 ====

Re: Frequent CAPTCHA on Google

Posted: 25 Mar 2021 18:50
by Rudy
Deleted, the log is now OK.

Re: Frequent CAPTCHA on Google

Posted: 26 Mar 2021 15:44
by dokturek11
So I asked my neighbours who have the same provider, and all of them have the CAPTCHA problem. In the end the fault really will be somewhere in the provider's network.
Still, thank you once again for checking the logs. :thumbsup: :closed:

Re: Frequent CAPTCHA on Google

Posted: 26 Mar 2021 15:56
by Rudy
I suspected as much when I found nothing significant on your machine. You're welcome! :)