Requesting a check, the network keeps dropping.

bilejpes
Visitor
Posts: 105
Registered: 24 Feb 2011 17:50

#1 Post by bilejpes

My connection has started dropping, for example in WOT, each time for about 30 seconds, roughly every 15 minutes. Because of that I can't even download larger files - "a network error occurred". So please check the log; I really don't feel like reinstalling Windows.... :roll:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
Ran by dvacl (administrator) on RUDOLF (MSI MS-7758) (23-02-2024 03:11:08)
Running from C:\Users\dvacl\Desktop\FRST64.exe
Loaded Profiles: dvacl
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0) [File not signed] C:\Program Files\SPC_Gear\GK550.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0399660.inf_amd64_d7fa3539ce499e50\B399655\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0399660.inf_amd64_d7fa3539ce499e50\B399655\atieclxx.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0399660.inf_amd64_d7fa3539ce499e50\B399655\atiesrxx.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> MSPCManagerService) C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) [File not signed] [File is in use] C:\Users\dvacl\AppData\Roaming\EventWaitHandleRights\ApproximateSize.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [870136 2021-10-28] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM\...\Run: [WindowsMasterUI] => C:\Program Files\Microsoft PC Manager\MSPCManager.exe [964016 2023-08-16] (Microsoft Corporation -> MSPCManager)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Launch 0 FwCustom] => C:\Program Files\SPC_Gear\GK550.exe [3572224 2018-11-30] (0) [File not signed]
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-12-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DD7281EFDCD22F0502B4473C5E1909BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-15] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\stkMonitor: C:\WINDOWS\system32\stkMonitor.dll [65680 2022-11-29] (Amazon.com Services LLC -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D604E7EA-6DBE-40C1-B122-9C5FB2925955} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {18DE3458-F2E3-40B6-B903-19ABCE87D181} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {063ABE6C-0383-4275-8E1A-126DE78893D8} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{3A2EC0C5-8E9D-4828-8783-63A74B7FB7BA} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {18CA05DE-CEC9-43BF-A198-100CB3714D63} - System32\Tasks\Microsoft\Windows\EventWaitHandleRights\ApproximateSize => C:\Users\dvacl\AppData\Roaming\EventWaitHandleRights\ApproximateSize.exe [1786288 2024-02-22] (Microsoft Corporation -> Microsoft Corporation) [File not signed] [File is in use]
Task: {2F02B5ED-D7E0-4725-97CD-3B74BFBD6D22} - System32\Tasks\Microsoft\Windows\Hash\Level => C:\Users\dvacl\AppData\Local\Hash\aomknbfmm\Level.exe [362464 2023-08-29] (Exodus Movement Inc -> GitHub) [File not signed]
Task: {56B813DD-55C0-464E-A9AF-3EBEBE887CF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DCFCEBA6-AD37-4BD2-92AC-5C4940C6B70C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C2D80C4-0E24-44CC-A48C-23E1D12FE595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84D80FCA-CD6B-462F-96C4-A60C07566C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B00ADA5F-DD87-464C-B62E-B548CB286AA0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {39F0AA4A-1FF4-434E-BFB7-CE469C9D2F2C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {828FE27C-AA41-4F28-96CE-27AF5304D0B2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9EB1120D-61DE-4B67-8C59-8EFBAC2E1FFD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {22B8EBDB-ED10-4B01-BA17-94EF44AAA3C1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D13381C-BEAE-4933-8DFE-54291D5DF9D0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {829AFE59-504C-458B-B5F4-42AAFFF6A9CB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{e4dcd0db-6ed9-443a-a7d8-afc24777b16d}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{e4dcd0db-6ed9-443a-a7d8-afc24777b16d}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-23]
Edge DownloadDir: Default -> H:\Download
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-02-21]
Edge Extension: (Video Player) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2022-08-25]
Edge Extension: (Send to Kindle pro Google Chrome™) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-01-11]
Edge Extension: (Ruffle - Flash Emulator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2024-02-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-11]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-02-21]
Edge Extension: (GAuth Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2022-06-17]
Edge Extension: (Edge relevant text changes) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-02-22]
Edge Extension: (uBlock Origin) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-02-18]
Edge Profile: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-02-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
Edge Extension: (Edge relevant text changes) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default [2024-02-23]
CHR HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... google.com"
CHR Extension: (Send to Kindle pro Google Chrome™) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-09]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-20]
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-08]
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-23]
CHR DownloadDir: H:\Download
CHR Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-07]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-26]
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-02-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-20]
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-23]
CHR HKU\S-1-5-21-87297680-2717088268-3221549041-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable [2024-02-23]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-17]
OPR Extension: (Opera Wallet) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-17]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\dvacl\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-03-17] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2024-02-18] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10589952 2023-06-28] (Logitech Inc -> Logitech, Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 PCManager Service; C:\Program Files\Microsoft PC Manager\MSPCManagerService.exe [141752 2023-08-16] (Microsoft Corporation -> MSPCManagerService)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2023-12-31] (Even Balance, Inc. -> )
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2023-03-21] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Ahflt; C:\WINDOWS\System32\drivers\ahflt.sys [49592 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0399660.inf_amd64_d7fa3539ce499e50\B399655\amdkmdag.sys [106387984 2024-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2021-03-24] (CyberLink Corp. -> CyberLink Corp.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [79624 2022-02-25] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-24] (Logitech Inc -> Logitech)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-23 03:11 - 2024-02-23 03:11 - 000026293 _____ C:\Users\dvacl\Desktop\FRST.txt
2024-02-23 03:10 - 2024-02-23 03:11 - 000000000 ____D C:\FRST
2024-02-23 03:09 - 2024-02-23 03:09 - 002386944 _____ (Farbar) C:\Users\dvacl\Desktop\FRST64.exe
2024-02-23 02:41 - 2024-02-01 19:16 - 231028552 _____ ( ) C:\Users\dvacl\Desktop\setup cracked.exe
2024-02-22 22:09 - 2024-02-22 22:11 - 000000000 ___HD C:\$WinREAgent
2024-02-22 21:56 - 2024-02-22 21:56 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\EventWaitHandleRights
2024-02-22 21:54 - 2024-02-22 21:54 - 000000000 ____D C:\Users\dvacl\AppData\Local\Hash
2024-02-22 21:54 - 2024-02-22 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Professional Plus
2024-02-22 21:54 - 2024-02-22 21:54 - 000000000 ____D C:\Program Files (x86)\CCleaner Professional Plus
2024-02-22 21:48 - 2024-02-22 21:48 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Zoner
2024-02-22 19:47 - 2024-02-22 19:47 - 000001900 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Upscayl.lnk
2024-02-22 19:47 - 2024-02-22 19:47 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Upscayl
2024-02-22 19:47 - 2024-02-22 19:47 - 000000000 ____D C:\Users\dvacl\AppData\Local\upscayl-updater
2024-02-22 19:47 - 2024-02-22 19:47 - 000000000 ____D C:\Program Files\Upscayl
2024-02-20 20:08 - 2024-02-20 20:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-18 20:07 - 2024-02-22 19:55 - 000000000 ____D C:\Users\dvacl\Desktop\Nová složka
2024-02-18 13:25 - 2024-02-18 13:39 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Cache
2024-02-18 13:25 - 2024-02-18 13:25 - 000000000 ____D C:\Users\dvacl\AppData\Local\Dakar2Game
2024-02-18 13:23 - 2024-02-18 13:23 - 000000000 ____D C:\Users\dvacl\AppData\Local\EpicOnlineServicesUIHelper
2024-02-18 12:12 - 2024-02-18 12:12 - 000001942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO ViewPoint 4.lnk
2024-02-18 12:11 - 2024-02-18 12:11 - 000000000 ____D C:\Program Files\DxO Labs
2024-02-18 12:09 - 2024-02-18 12:09 - 000002058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PureRAW 3.lnk
2024-02-18 12:03 - 2024-02-18 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2024-02-10 22:10 - 2024-02-10 22:10 - 000000000 ____D C:\Users\dvacl\AppData\Local\PenDriverProIntro
2024-02-06 02:48 - 2024-02-06 02:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerShell
2024-02-06 02:48 - 2024-02-06 02:48 - 000000000 ____D C:\Program Files\PowerShell
2024-02-05 17:31 - 2024-02-05 17:31 - 000000000 ____D C:\WINDOWS\Panther
2024-01-25 15:37 - 2024-01-25 15:37 - 000000000 ____D C:\Users\dvacl\AppData\Local\KP_TheTournament
2024-01-25 15:33 - 2024-01-25 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-01-25 15:33 - 2024-01-25 15:33 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2024-01-25 15:33 - 2024-01-25 15:33 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-01-25 15:32 - 2024-01-25 15:32 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2024-01-25 15:29 - 2024-01-25 15:29 - 000000000 ____D C:\Users\dvacl\AppData\LocalLow\AMD
2024-01-25 15:28 - 2024-02-23 02:04 - 000003100 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-01-25 15:25 - 2024-01-25 15:25 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-01-25 15:25 - 2024-01-25 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-01-25 15:25 - 2024-01-25 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-01-25 15:22 - 2024-01-18 19:13 - 000856704 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-25 15:22 - 2024-01-18 19:13 - 000856704 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-25 15:22 - 2024-01-18 19:13 - 000737296 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-25 15:22 - 2024-01-18 19:13 - 000737296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-25 15:22 - 2024-01-18 19:13 - 000682016 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000682016 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000667720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000667720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000607656 _____ C:\WINDOWS\system32\GameManager64.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000548888 _____ C:\WINDOWS\system32\libsmi_guest.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000524312 _____ C:\WINDOWS\system32\libsmi_host.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000207376 _____ C:\WINDOWS\system32\mantle64.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000186384 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000165288 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-01-25 15:22 - 2024-01-18 19:13 - 000149008 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000975488 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-01-25 15:22 - 2024-01-18 19:12 - 000537208 _____ C:\WINDOWS\system32\atieah64.exe
2024-01-25 15:22 - 2024-01-18 19:12 - 000503720 _____ C:\WINDOWS\system32\EEURestart.exe
2024-01-25 15:22 - 2024-01-18 19:12 - 000473104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000462352 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000406144 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-01-25 15:22 - 2024-01-18 19:12 - 000266880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000228992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000210760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000196008 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000184232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000174680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-01-25 15:22 - 2024-01-18 19:12 - 000148392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 011756928 _____ C:\WINDOWS\system32\amdsmi.exe
2024-01-25 15:22 - 2024-01-18 19:11 - 002245136 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 001617432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 001617432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 001338280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 001059456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 000138776 _____ C:\WINDOWS\system32\amdxc64.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 000114712 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-01-25 15:22 - 2024-01-18 19:11 - 000074880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 004384680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 004189712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000943632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000801192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000771096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000678416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000569768 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000542736 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-01-25 15:22 - 2024-01-18 19:10 - 000433688 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000051112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-01-25 15:22 - 2024-01-18 19:10 - 000048144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 105410064 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 088606232 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 001725672 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 001400128 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000524928 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000471056 _____ C:\WINDOWS\system32\amdlogum.exe
2024-01-25 15:22 - 2024-01-18 19:09 - 000390560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000337856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendr.stz
2024-01-25 15:22 - 2024-01-18 19:09 - 000176664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000167168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000157152 _____ C:\WINDOWS\system32\atidxx64.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000145432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000138128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000130672 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2024-01-25 15:22 - 2024-01-18 19:09 - 000102824 _____ C:\WINDOWS\system32\clinfo.exe
2024-01-25 15:22 - 2024-01-18 19:09 - 000056256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrmgr.stz
2024-01-25 15:22 - 2024-01-18 19:08 - 019434000 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-01-25 15:22 - 2024-01-18 19:08 - 000572064 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-01-25 15:22 - 2024-01-18 19:08 - 000177600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-01-25 15:22 - 2024-01-18 19:08 - 000167168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-01-25 15:22 - 2024-01-18 19:08 - 000152256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-01-25 15:22 - 2024-01-18 19:08 - 000138240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-01-25 15:22 - 2024-01-18 18:31 - 109628240 _____ C:\WINDOWS\system32\amdxc64.so
2024-01-24 13:08 - 2024-01-24 13:08 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-24 13:07 - 2024-01-24 13:07 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-23 03:10 - 2022-07-18 00:04 - 000000000 ___HD C:\Users\dvacl\AppData\Local\CrashDumps
2024-02-23 03:01 - 2022-06-15 19:52 - 000000000 ____D C:\ProgramData\Piriform
2024-02-23 02:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-23 02:08 - 2023-03-29 15:48 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-23 02:08 - 2019-12-07 15:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-23 02:08 - 2019-12-07 15:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-23 02:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-23 02:05 - 2022-06-17 23:56 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\LGHUB
2024-02-23 02:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-02-23 02:04 - 2023-11-05 20:56 - 000003092 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-02-23 02:04 - 2023-03-29 15:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-23 02:04 - 2022-06-15 11:25 - 000000000 ___HD C:\Users\dvacl\AppData\Local\LGHUB
2024-02-23 02:04 - 2022-06-15 10:51 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-02-23 02:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-23 02:04 - 2019-12-07 09:32 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-23 02:03 - 2023-08-27 06:50 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2024-02-23 00:54 - 2023-11-08 22:44 - 000000000 ____D C:\Program Files (x86)\Zoner Photo Studio X
2024-02-23 00:44 - 2023-03-29 15:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-22 22:13 - 2022-06-15 15:44 - 000000000 ____D C:\Program Files\WinRAR
2024-02-22 22:12 - 2022-07-15 01:35 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-22 22:07 - 2022-06-15 15:44 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-22 22:07 - 2022-06-15 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-02-22 22:05 - 2022-07-13 00:04 - 000000000 ____D C:\Program Files\Calibre2
2024-02-22 21:59 - 2023-06-28 04:48 - 000000000 ____D C:\Program Files\Steam
2024-02-22 19:49 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\D3DSCache
2024-02-22 15:28 - 2022-06-15 11:48 - 000000000 ___HD C:\Users\dvacl\AppData\Local\AMD_Common
2024-02-22 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-20 23:17 - 2023-01-04 03:04 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\AIMP
2024-02-20 21:19 - 2022-09-08 04:11 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-20 20:08 - 2022-06-15 16:54 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-18 22:47 - 2023-07-20 16:21 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\vlc
2024-02-18 13:09 - 2022-06-18 00:04 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-18 12:08 - 2023-10-10 22:04 - 000000000 ____D C:\Program Files\DxO
2024-02-18 03:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-18 02:00 - 2020-08-27 23:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-16 19:37 - 2023-03-29 15:46 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1001
2024-02-16 19:37 - 2023-03-29 15:46 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-02-16 19:37 - 2022-06-15 17:43 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-16 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-16 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-16 06:39 - 2022-12-09 00:27 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 16:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-15 16:53 - 2023-03-29 15:43 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-15 16:49 - 2023-01-29 04:24 - 000000000 ____D C:\Program Files\dotnet
2024-02-15 16:49 - 2022-06-16 20:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-15 16:46 - 2022-06-16 20:11 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-15 16:46 - 2022-06-15 16:54 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-15 16:46 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-10 18:40 - 2022-08-18 01:04 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-10 04:13 - 2023-03-29 15:03 - 000000000 ____D C:\Users\dvacl
2024-02-10 01:32 - 2023-08-24 22:32 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-02-07 00:32 - 2022-06-15 11:17 - 000000000 ___HD C:\Users\dvacl\AppData\Local\PlaceholderTileLogoFolder
2024-02-07 00:32 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\Packages
2024-02-06 02:39 - 2023-03-29 15:46 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-06 02:39 - 2023-03-29 15:46 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8809d8963615e
2024-02-06 01:04 - 2020-08-17 23:56 - 000000000 __SHD C:\Users\dvacl\IntelGraphicsProfiles
2024-02-05 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-01-26 20:48 - 2022-06-15 11:15 - 000000000 ___HD C:\Users\dvacl\AppData\Local\AMD
2024-01-26 17:32 - 2023-03-22 11:34 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\AMD
2024-01-25 15:37 - 2022-10-29 21:09 - 000000000 ___HD C:\Users\dvacl\AppData\Local\UnrealEngine
2024-01-25 15:34 - 2023-03-29 15:13 - 000259848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-25 15:30 - 2022-07-24 14:21 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Pentablet V3
2024-01-25 15:29 - 2022-06-15 10:51 - 000000000 ____D C:\Program Files\AMD
2024-01-25 15:29 - 2020-06-05 16:40 - 000000000 ____D C:\AMD
2024-01-25 15:25 - 2023-09-18 12:43 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-01-25 15:25 - 2023-09-18 12:43 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-01-24 14:56 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-24 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents

==================== Files in the root of some directories ========

2023-07-17 02:52 - 2023-07-17 02:52 - 000000273 _____ () C:\ProgramData\fontcacheev1.dat
2023-03-29 20:25 - 2023-03-29 20:25 - 000000058 _____ () C:\Users\dvacl\AppData\Roaming\epm_user.ini
2022-06-24 01:13 - 2023-06-28 10:31 - 000007599 ____H () C:\Users\dvacl\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2024 02
Ran by dvacl (23-02-2024 03:12:43)
Running from C:\Users\dvacl\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) (2023-03-29 14:46:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-87297680-2717088268-3221549041-500 - Administrator - Disabled)
adolf (S-1-5-21-87297680-2717088268-3221549041-1005 - Administrator - Enabled)
DefaultAccount (S-1-5-21-87297680-2717088268-3221549041-503 - Limited - Disabled)
dvacl (S-1-5-21-87297680-2717088268-3221549041-1001 - Administrator - Enabled) => C:\Users\dvacl
Guest (S-1-5-21-87297680-2717088268-3221549041-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-87297680-2717088268-3221549041-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_5) (Version: 12.5 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
AIMP (HKLM\...\AIMP) (Version: 5.11.2436 - Artem Izmaylov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.1.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{889C12E8-C41B-4B69-A422-996F3CFA580C}) (Version: 7.5.1 - Kovid Goyal)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
DxO FilmPack 7 (HKLM\...\DxO FilmPack 7) (Version: 7.0.0 - DxO Labs)
DxO PhotoLab 7 (HKLM\...\{C8B58436-FCEC-4348-B976-39125AE31DDB}) (Version: 7.1.0 - DxO)
DxO PhotoLab 7 plug-in for Adobe Lightroom (HKLM-x32\...\{F222C53C-2900-4DC7-A3BF-926BCA1075CC}) (Version: 1.7.0 - DxO Labs)
DxO PureRAW 3 (HKLM\...\{F65833A8-28A8-473E-8101-6ED380A0F662}) (Version: 3.10.0 - DxO)
DxO ViewPoint 4 (HKLM\...\DxO ViewPoint 4) (Version: 4.14.0 - DxO Labs)
Easy Audio Extractor v. 1.0 (HKLM-x32\...\Easy Audio Extractor_is1) (Version: - Video-Easy.com)
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 86.0.9.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.185 - Google LLC)
Helicon Focus 8.1.0.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
IntelliJ IDEA Community Edition 2023.3.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2023.3.2) (Version: 233.13135.103 - JetBrains s.r.o.)
Java(TM) SE Development Kit 21.0.2 (64-bit) (HKLM\...\{4279F87C-3082-5077-A915-E01597628FDF}) (Version: 21.0.2.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
Nik Collection 6 (HKLM-x32\...\{bc9afc28-aaca-4dd1-9915-61b3f788ba50}) (Version: 6.3.0 - DxO)
NikCollection (HKLM\...\{BE7C2617-9F37-47E1-9E92-0C17F05F7F9E}) (Version: 6.3.0.6 - DxO) Hidden
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
PC Manager(Beta) (HKLM-x32\...\MSPCManager) (Version: 3.4.7.0 - Microsoft Corporation)
Pentablet verze 3.2.2.211028 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.2.2.211028 - XP-PEN Technology)
PowerShell 7-x64 (HKLM\...\{B06D1894-3827-4E0C-A092-7DC50BE8B210}) (Version: 7.4.1.0 - Microsoft Corporation)
Remote Mouse version 4.601 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 4.601 - Remote Mouse)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
SPC Gear GK550 Omnis Kailh RGB (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 1.00 - COOLING.PL Zdziech Spolka Jawna)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Topaz Photo AI (HKLM\...\{058B044A-5D2E-4436-B244-64DF27D6FFB9}) (Version: 2.3.2 - Topaz Labs LLC)
Topaz Video AI (HKLM\...\{3969E068-F008-4E88-892B-7215F9FD756D}) (Version: 3.3.3 - Topaz Labs LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Upscayl 2.9.9 (HKLM\...\2e801529-9c6a-5917-960e-278558728760) (Version: 2.9.9 - Nayam Amarshe)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wargaming.net Game Center) (Version: 23.7.0.4683 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare Filmora 11(Build 11.6.3.639) (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
World of Tanks EU (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\2314027414) (Version: - Wargaming.net)
Youtube Downloader HD v. 5.4.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)

Packages:
=========

AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.23.30003.0_x64__0a9344xs7nr4m [2024-01-26] (Advanced Micro Devices Inc.)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-15] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
Ink Draft -> C:\Program Files\WindowsApps\Microsoft.InkDraft_1.0.1.0_neutral__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
Mapy Google -> C:\Program Files\WindowsApps\www.google.cz-8E3BC5BE_1.0.0.0_neutral__fe2n8kjbpfetm [2024-01-20] (www.google.cz)
Real HEIC to JPG Converter -> C:\Program Files\WindowsApps\36059XiaoyaStudio.RealHEICConverter_2.2.23.0_x86__ngh7ertwt50re [2023-12-04] (Xiaoya Lab)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-01-30] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-87297680-2717088268-3221549041-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-09] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-09] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2024-01-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-15] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-09] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__ebaakkhnommmgmlbagjehhjfhkkmhhaa\Mapy Google.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa --app-url=hxxps://www.google.cz/maps?force=tt&source=ttpwa --app-launch-source=4
ShortcutWithArgument: C:\Users\dvacl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mapy Google.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa --app-url=hxxps://www.google.cz/maps?force=tt&source=ttpwa --app-launch-source=4

==================== Loaded Modules (Whitelisted) =============

2023-04-02 23:48 - 2023-04-02 23:48 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000059392 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2023-04-02 23:49 - 2023-04-02 23:49 - 000699904 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2022-07-11 01:36 - 2023-02-04 18:56 - 000073728 _____ () [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2023-06-28 02:05 - 2023-06-28 01:25 - 000164864 _____ () [File not signed] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2022-11-20 13:37 - 2013-12-01 11:38 - 000036352 _____ (0) [File not signed] C:\Program Files\SPC_Gear\HidServ.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2022-07-24 14:21 - 2019-12-30 21:12 - 000016896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2022-07-24 14:21 - 2019-12-30 21:01 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2022-07-24 14:21 - 2019-12-30 21:02 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2022-07-24 14:21 - 2019-12-30 21:02 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2022-07-24 14:21 - 2019-12-30 21:03 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2022-07-24 14:21 - 2019-12-30 21:00 - 000966144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2022-07-24 14:21 - 2019-12-31 12:35 - 004686848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2022-07-24 14:21 - 2019-12-30 20:33 - 005035008 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2022-07-24 14:21 - 2019-12-30 20:24 - 000674816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2022-07-24 14:21 - 2019-12-30 21:12 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2022-07-24 14:21 - 2019-12-30 20:49 - 004518912 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2022-07-24 14:21 - 2019-12-30 20:24 - 000151040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-12-16 05:52 - 2024-02-22 21:51 - 000000628 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 easeus.com
127.0.0.1 www.easeus.com
127.0.0.1 activation.easeus.com
127.0.0.1 easeus.com.cn
127.0.0.1 www.easeus.com.cn
127.0.0.1 track.easeus.com
127.0.0.1 track.easeus.com.cn
127.0.0.1 api.easeus.com
127.0.0.1 update.easeus.com
127.0.0.1 map2.hwcdn.net
127.0.0.1 easeusinfo.us-east-1.log.aliyuncs.com
127.0.0.1 aaa100cd68bbe03f3.awsglobalaccelerator.com
127.0.0.1 uompro.easeus.com
127.0.0.1 order.easeus.com
127.0.0.1 curl.haxx.se
127.0.0.1 buy.easeus.com
127.0.0.1 v2api-uoss.easeus.com
127.0.0.1 ic.adobe.io
127.0.0.1 1hzopx6nz7.adobe.io
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\dvacl\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\ProgramData\chocolatey\bin;C:\Program Files\PowerShell\7\
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dvacl\Desktop\IMGP0869vb.jpeg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PowerDVD22Agent"
HKLM\...\StartupApproved\Run: => "AdobePSE21AutoAnalyzer"
HKLM\...\StartupApproved\Run: => "WindowsMasterUI"
HKLM\...\StartupApproved\Run32: => "ccleaner_update_helper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD22"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9E2FF481-7DDB-4B4D-A0D3-98D6B02C6CF6}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{ECE019F3-3FE1-4BEB-893A-E234795AEEF4}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{8D621E16-E833-4755-99A5-BB786E753835}] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{FEEA67DA-B594-4102-95E1-F053FA61415E}] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{8A656EA6-3E64-4ED4-A02E-F7AC67AC7350}C:\users\dvacl\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\dvacl\appdata\local\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{7DE5E24F-2F46-43E4-84CB-D05B392360A1}C:\users\dvacl\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\dvacl\appdata\local\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{73F40275-8F63-4011-93CD-DDD2B00F9BBD}C:\users\dvacl\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\dvacl\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{62D5740B-AA9E-4284-A96F-F0B425696495}C:\users\dvacl\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\dvacl\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{A2D71F58-6B64-421B-85FC-5310CA44B3F6}] => (Block) %ProgramFiles%\CCleaner\CCleaner64.exe => No File
FirewallRules: [{ADA8C4FF-681A-4CBF-BCE7-A9C97DA4628A}] => (Block) %ProgramFiles%\CCleaner\CCleaner.exe => No File
FirewallRules: [{53BA0509-8FD4-4A15-92D1-BE570B7B9C88}] => (Block) %ProgramFiles%\CCleaner\CCUpdate.exe => No File
FirewallRules: [{E52E1085-3270-483C-BBBB-BDCB2EA98314}] => (Allow) LPort=32682
FirewallRules: [{1D8C30F3-78EB-42A4-BF60-6C2853C26199}] => (Allow) LPort=26822
FirewallRules: [UDP Query User{48CBDE99-2422-47E4-B172-5A879CC15355}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [TCP Query User{2AEB318E-7B64-4189-A6D1-D35F29E53AB7}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{0B7F1EF0-CAB0-4E7E-AF7C-FCA7924E3196}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F0213B8D-881A-4E5B-A2A3-5644B758C148}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{18F78D5F-7B1E-4DEA-920E-104329AC65C6}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{1FFED861-7EE8-417E-91EF-B844246D70C5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{BBA33140-D84C-41BB-B375-F11E954DE56A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{3B9BEFB4-5301-4914-9FF1-84FC5337CC2E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{9B6CFA8A-A8E3-4A16-B460-161E1B55D2E6}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{09939950-51DB-475E-A108-A414F5AE7EC9}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{6C1D8B01-5D57-4A43-9FD0-2B787D4EA612}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E6F99A53-F8B2-417C-AE8A-3608B62A22F6}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{87DEB0F4-ED0E-4DF6-B41E-09D0FB871BBD}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B7BA164B-90AF-4E7F-8021-21744A73B43F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{675EB42B-F2B9-4701-B9DD-95CA2457266B}] => (Allow) C:\Program Files\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{D9A7EDBB-4F7A-42B5-9363-87EB1E3786DE}] => (Allow) C:\Program Files\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [TCP Query User{98878826-0885-4F82-8E6B-0AE96E41CF62}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3432BC66-FDC6-42BA-8176-1EC5D04BE971}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0AA3D57D-865C-4A48-BCBB-1F78958F8F9D}] => (Block) C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc. -> Adobe Inc.) [File not signed]
FirewallRules: [{DC91C8C4-D0CA-48CF-9637-CA464DCC3ED8}] => (Block) C:\Program Files\DxO\DxO PureRAW 3\PureRawv3.exe (DxO Labs S.A.S. -> DxO) [File not signed]
FirewallRules: [{13259172-040D-40F1-9496-2D6F1E4F82E0}] => (Block) C:\Program Files\DxO\DxO PureRAW 3\CrashSender.exe (DxO Labs S.A.S. -> DxO)
FirewallRules: [{85D2FB88-38FD-4549-8EDC-BCCA8C199637}] => (Block) C:\Program Files\DxO\DxO PureRAW 3\QtWebEngineProcess.exe (DxO Labs S.A.S. -> The Qt Company Ltd.)
FirewallRules: [{D91675FE-2897-484B-845C-C1756F671BF3}] => (Block) C:\Program Files\DxO\DxO PureRAW 3\PureRawv3_saver.exe (DxO Labs S.A.S. -> DxO)
FirewallRules: [{71D15D95-B739-4A0E-8AF7-7DF364879033}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D16B1569-23D0-44AA-8BB2-53D4BAE7BFE2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{08932DEF-4D13-4D0C-A113-30E2DAF6C919}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{DAA88087-68B7-4829-933B-6C64B064C2A0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{F25AA9DD-A5DD-42E7-A7CD-121BEBB93A0D}] => (Allow) D:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{00D67CD5-8029-4491-945E-F75284D3C074}] => (Allow) D:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{FD00CCD8-E6AA-46D8-A481-1B198914AB14}] => (Allow) D:\SteamLibrary\steamapps\common\Pacific Drive Demo\PenDriverProIntro.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{A5BE0B06-6535-4983-942C-29A2F5D4C217}] => (Allow) D:\SteamLibrary\steamapps\common\Pacific Drive Demo\PenDriverProIntro.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{45A5DE08-F567-49D1-B661-C185FECCBAA0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{464B806D-88BB-47F9-B6C6-78EFDB9980F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2024 16:49:39 Instalační služba modulů systému Windows
18-02-2024 12:02:14 Installed Topaz Photo AI
18-02-2024 12:07:52 Installed DxO PureRAW 3

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/23/2024 03:12:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x3294
Čas spuštění chybující aplikace: 0x01da65fd8630b0d0
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d6babd34-c2ab-4279-89a5-d75b94a501f7
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 03:10:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x26dc
Čas spuštění chybující aplikace: 0x01da65fd3e6d57cb
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8c19fead-9521-4f89-8143-0d1b2aa79811
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 03:08:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x3b4
Čas spuštění chybující aplikace: 0x01da65fcf71e6270
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: b71a9b8b-1990-4739-9e28-4f0688a1925b
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 03:06:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x9a0
Čas spuštění chybující aplikace: 0x01da65fcafabd6cb
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9500b50d-ce49-41ec-a091-c1035e22cc1c
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 03:04:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x16d8
Čas spuštění chybující aplikace: 0x01da65fc687be02b
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 23f04ed6-04aa-4cea-afc5-a45f2524056c
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 03:02:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.3996, časové razítko: 0x517a9e5f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x25f4
Čas spuštění chybující aplikace: 0x01da65f8e8e25b59
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9768c789-621d-414e-b796-d05d169f6a11
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.12.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (02/23/2024 02:44:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/23/2024 02:44:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\Administrator\AppData\Local\Programs\Zoner\ZPS X\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (02/23/2024 03:01:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCleaner Performance Optimizer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/23/2024 02:06:52 AM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server {373E19B5-76AA-46D5-93A9-2E39A99B39B2} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/23/2024 02:06:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/23/2024 02:06:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (120000 ms).

Error: (02/23/2024 02:06:35 AM) (Source: WcesComm) (EventID: 2) (User: )
Description: Spuštění služby pro připojení zařízení se systémem Windows Mobile 2003 se nepodařilo z důvodu chyby CreateSemaphore(0x80070005) (viz data pro kód chyby).

Error: (02/23/2024 02:04:52 AM) (Source: WcesComm) (EventID: 2) (User: )
Description: Spuštění služby pro připojení zařízení se systémem Windows Mobile 2003 se nepodařilo z důvodu chyby CreateSemaphore(0x80070005) (viz data pro kód chyby).

Error: (02/23/2024 12:44:14 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.

Error: (02/23/2024 12:44:10 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.


Windows Defender:
================
Date: 2024-02-23 03:09:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_H:\Download\Nepotvrzeno 969159.crdownload; file:_H:\Download\Nepotvrzeno 970361.crdownload
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RUDOLF\dvacl
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.405.447.0, AS: 1.405.447.0, NIS: 1.405.447.0
Verze modulu: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-23 03:09:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_H:\Download\Nepotvrzeno 969159.crdownload
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RUDOLF\dvacl
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.405.447.0, AS: 1.405.447.0, NIS: 1.405.447.0
Verze modulu: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-23 02:40:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_H:\Download\Nepotvrzeno 663714.crdownload
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: RUDOLF\dvacl
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.405.447.0, AS: 1.405.447.0, NIS: 1.405.447.0
Verze modulu: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-23 02:04:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bancteian!pz
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\CCleaner\CCleaner_Patch22.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.405.445.0, AS: 1.405.445.0, NIS: 1.405.445.0
Verze modulu: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-22 22:13:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Bancteian!pz
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files\CCleaner\CCleaner_Patch22.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.405.445.0, AS: 1.405.445.0, NIS: 1.405.445.0
Verze modulu: AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]:

Date: 2023-09-06 17:27:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.486.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2023-08-24 22:20:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.395.1217.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

Date: 2023-08-24 22:20:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.395.1239.0
Předchozí verze bezpečnostních informací: 1.395.1217.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23070.1005
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070241
Popis chyby: V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Date: 2023-08-24 22:20:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.395.1239.0
Předchozí verze bezpečnostních informací: 1.395.1217.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23070.1005
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070241
Popis chyby: V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Date: 2023-08-24 21:59:53
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2023-08-26 18:13:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-08-24 22:20:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E1FEF6E-48DE-4830-A06F-4438ABFFDE77}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-18 12:00:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\77.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-06-28 05:23:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\76.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-04-14 02:25:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\73.0.4.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 20%
Total physical RAM: 24523.53 MB
Available physical RAM: 19488.7 MB
Total Virtual: 28107.53 MB
Available Virtual: 20194.7 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:446.44 GB) (Free:112.74 GB) (Model: Patriot Burst) NTFS
Drive d: (SSD) (Fixed) (Total:447.14 GB) (Free:150.39 GB) (Model: Patriot Burst) NTFS
Drive h: (HDD) (Fixed) (Total:763.72 GB) (Free:401.47 GB) (Model: Hitachi HTS543232L9A300) NTFS

\\?\Volume{b65e040e-a494-4b6d-93d6-0bc9300a99a3}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS
\\?\Volume{d765b008-6d47-4712-b3df-090dbd5ce3c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 0610802F)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 56DA8679)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 098B4315)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C87DD721)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)

==========================================================
Disk: 4 (Size: 298.1 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=42)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, the network keeps dropping.

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply run it with a double-click)
click Scan now, then Clean and Repair
after the restart the log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

bilejpes
Visitor
Posts: 105
Registered: 24 Feb 2011 17:50

Re: Please check my log, the network keeps dropping.

#3 Post by bilejpes »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.1.0
# -------------------------------
# Build: 01-29-2024
# Database: 2024-01-29.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-23-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 3
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\EB0BAA2EAE4AB7396539
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Not Deleted HKCU\SOFTWARE\eb0baa2eae4ab739653928dfaf65637f

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1652 octets] - [23/02/2024 12:23:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, the network keeps dropping.

#4 Post by Rudy »

OK. Post new FRST + Addition logs.