Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.04.2024
Ran by dvacl (administrator) on RUDOLF (MSI MS-7758) (13-04-2024 07:08:05)
Running from C:\Users\dvacl\Desktop\FRST64.exe
Loaded Profiles: dvacl
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (Shenzhen EMote Inc. -> remotemouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe ->) (Shenzhen EMote Inc. -> RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\timeout.exe
(DriverStore\FileRepository\u0400376.inf_amd64_fdce69582fa3a6b8\B400781\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400376.inf_amd64_fdce69582fa3a6b8\B400781\atieclxx.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400376.inf_amd64_fdce69582fa3a6b8\B400781\atiesrxx.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Shenzhen EMote Inc. -> ) C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpaceAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4289_none_7e26f6bc7c7a4793\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1185688 2023-11-30] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM-x32\...\Run: [Launch 0 FwCustom] => C:\Program Files\SPC_Gear\GK550.exe [3572224 2018-11-30] (0) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-02-29] (Adobe Inc. -> )
HKLM-x32\...\Run: [Yottamaster RAID Manager] => C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe [14874624 2020-06-09] () [File not signed]
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [3082136 2023-04-24] (Primochenko Dmitriy Valeryevich -> )
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [MicrosoftEdgeAutoLaunch_DD7281EFDCD22F0502B4473C5E1909BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37448168 2024-04-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46056704 2024-03-08] (Logitech Inc -> Logitech, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.122\Installer\chrmstp.exe [2024-04-12] (Google LLC -> Google LLC)
Startup: C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.exe [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech G HUB.lnk [2024-02-28]
ShortcutTarget: Logitech G HUB.lnk -> C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (Logitech Inc -> Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DxO PureRAW 4.lnk [2024-04-13]
ShortcutTarget: DxO PureRAW 4.lnk -> C:\Program Files\DxO\DxO PureRAW 4\PureRawv4.exe (DxO Labs S.A.S. -> DxO)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {FE193012-DA99-4D00-AFEB-92DF7DEA7401} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {35E88466-B8E3-42C6-A849-77C1F65FE06B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {24EE0651-0855-49E0-AEE6-747862DE4F2E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2B8A93C4-B1A0-4454-961F-5DBD1F06156C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0629c3db-4193-420a-8d16-09814d8224a9" --version "6.22.10977" --silent
Task: {D51F4F04-DCDA-4241-9027-4AA3FDC914A1} - System32\Tasks\CCleanerSkipUAC - dvacl => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D4267E85-F5B1-4BFE-A905-B4A5A3FF51CA} - System32\Tasks\GoogleUpdateTaskMachineCore{A333F69B-9112-4CD5-927E-249218C938D5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-01] (Google LLC -> Google LLC)
Task: {6AA89F9F-AB5A-489C-900E-6ADFDF2EC3E4} - System32\Tasks\GoogleUpdateTaskMachineUA{42424F13-CDFC-4856-8A33-92A252BF6164} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-03-01] (Google LLC -> Google LLC)
Task: {869FEA96-B9AF-400A-9B7C-870BFF5A569E} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-03-09] (Adobe Inc. -> Adobe Inc.)
Task: {C6DCB9AB-0115-4F6A-A1B7-0BB93D3F0035} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2DE8265-087C-47A7-9778-4EFA298DEAE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CBFC95D8-2430-45C3-A65F-C01B62B9365B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4CDFB574-ABDB-4DE8-9837-86D0BBFCF216} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {870F81E1-ECC5-437A-9A14-F3376A1EC39B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {874FDF6A-992D-4FF0-BEBC-76D717D39BC4} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {272F487B-E48F-4846-9C49-D50EE58AADB7} - System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{11f9f179-a7a1-4227-aa8b-487fb26c6b2b}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{11f9f179-a7a1-4227-aa8b-487fb26c6b2b}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-13]
Edge DownloadDir: Default -> E:\Download
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-02-28]
Edge Extension: (Video Player) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2024-02-28]
Edge Extension: (Send to Kindle pro Google Chrome™) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-02-28]
Edge Extension: (Ruffle - Flash Emulator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2024-04-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-04-02]
Edge Extension: (GAuth Authenticator) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilgcnhelpchnceeipipijaljkblbcobl [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-28]
Edge Extension: (Super Dark Mode for Edge) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lkmeakjjodlkhbikbpdoeicfodaklkna [2024-03-23]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-04-09]
Edge Extension: (uBlock Origin) - C:\Users\dvacl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-04-09]
Chrome:
=======
CHR Profile: C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default [2024-04-13]
CHR HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... google.com"
CHR Extension: (Send to Kindle pro Google Chrome™) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
CHR Extension: (Chrome Remote Desktop) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dvacl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-01]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S4 hrsrv; C:\Program Files (x86)\HDD Regenerator\hdsrv.exe [3610520 2023-04-24] (Primochenko Dmitriy Valeryevich -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10994432 2024-03-08] (Logitech Inc -> Logitech, Inc.)
S4 NativePushService; C:\Users\dvacl\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 RemoteMouseService.exe; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [19304 2023-12-12] (Shenzhen EMote Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Ahflt; C:\WINDOWS\System32\drivers\ahflt.sys [49592 2023-08-16] (Microsoft Corporation -> Microsoft Corporation)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36800 2024-04-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0400376.inf_amd64_fdce69582fa3a6b8\B400781\amdkmdag.sys [106387880 2024-03-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2021-03-24] (CyberLink Corp. -> CyberLink Corp.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2021-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [226560 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\System32\drivers\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [79624 2022-02-25] (Intel Corporation -> Intel Corporation)
S3 logi_generic_hid_filter; C:\WINDOWS\system32\drivers\logi_generic_hid_filter.sys [62288 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-24] (Logitech Inc -> Logitech)
S3 logi_joy_hid_filter; C:\WINDOWS\system32\drivers\logi_joy_hid_filter.sys [63824 2022-09-24] (Logitech Inc -> Logitech)
S3 logi_joy_hid_lo; C:\WINDOWS\system32\drivers\logi_joy_hid_lo.sys [51536 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-24] (Logitech Inc -> Logitech)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-13 07:08 - 2024-04-13 07:08 - 000021919 _____ C:\Users\dvacl\Desktop\FRST.txt
2024-04-13 07:07 - 2024-04-13 07:08 - 000000000 ____D C:\FRST
2024-04-13 07:05 - 2024-04-13 07:05 - 000003398 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240413_070548.reg
2024-04-13 06:52 - 2024-04-13 06:52 - 000000000 ____D C:\WINDOWS\Panther
2024-04-13 06:51 - 2024-04-13 06:51 - 000005636 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240413_065115.reg
2024-04-13 06:24 - 2024-04-13 06:24 - 002394112 _____ (Farbar) C:\Users\dvacl\Desktop\FRST64.exe
2024-04-13 06:10 - 2024-04-13 06:10 - 000002222 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240413_061042.reg
2024-04-13 05:18 - 2024-04-13 05:18 - 000003934 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240413_051822.reg
2024-04-13 03:53 - 2024-04-13 03:53 - 000002058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PureRAW 4.lnk
2024-04-12 22:13 - 2024-04-12 22:13 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Microsoft\InputMethod
2024-04-10 12:27 - 2024-04-10 12:27 - 000000000 ___HD C:\$WinREAgent
2024-04-09 22:06 - 2024-04-09 22:06 - 000001546 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240409_220623.reg
2024-04-09 17:51 - 2024-04-09 17:51 - 000004932 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240409_175132.reg
2024-04-09 17:14 - 2024-04-09 17:14 - 000000000 ____D C:\Users\dvacl\AppData\Local\Sentry
2024-04-09 17:09 - 2024-04-09 17:09 - 000002058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PureRAW 3.lnk
2024-04-09 17:04 - 2024-04-13 03:53 - 000000000 ____D C:\Users\dvacl\AppData\Local\DxO
2024-04-09 17:04 - 2024-04-09 17:14 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\DxO
2024-04-09 17:04 - 2024-04-09 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Nik Collection 6
2024-04-09 17:04 - 2024-04-09 17:04 - 000000000 ____D C:\ProgramData\DxO
2024-04-09 16:58 - 2024-04-09 16:58 - 000001892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 7.lnk
2024-04-09 16:53 - 2024-04-09 16:53 - 000001942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO ViewPoint 4.lnk
2024-04-09 16:52 - 2024-04-13 03:50 - 000000000 ____D C:\Users\dvacl\AppData\Local\DxO_Labs
2024-04-09 16:52 - 2024-04-09 16:52 - 000000000 ____D C:\Program Files\DxO Labs
2024-04-09 16:50 - 2024-04-13 03:52 - 000000000 ____D C:\ProgramData\DxO Labs
2024-04-09 16:48 - 2024-04-13 03:52 - 000000000 ____D C:\Program Files\DxO
2024-04-09 16:48 - 2024-04-09 16:48 - 000001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PhotoLab 7.lnk
2024-04-09 16:40 - 2024-04-09 16:40 - 000004578 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240409_164018.reg
2024-04-09 16:16 - 2024-04-09 16:16 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2024-04-09 15:59 - 2024-04-09 15:59 - 000000000 ___HD C:\$SysReset
2024-04-09 15:23 - 2024-04-09 15:23 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-09 15:22 - 2024-04-09 15:22 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-04-09 12:54 - 2024-04-09 12:54 - 000000000 ____D C:\Users\dvacl\AppData\Local\DBG
2024-04-09 12:54 - 2024-04-09 12:54 - 000000000 ____D C:\Users\dvacl\AppData\Local\CrashReportClient
2024-04-09 07:53 - 2024-04-09 08:10 - 000000000 ____D C:\Program Files (x86)\Setup
2024-04-09 07:45 - 2024-04-09 08:15 - 000000004 ____H C:\ProgramData\rc61.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000128 ____H C:\ProgramData\resource-b.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000128 ____H C:\ProgramData\resource-a.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000008 ____H C:\ProgramData\ts61.dat
2024-04-09 07:43 - 2024-04-09 08:17 - 000000000 ____D C:\ProgramData\MediaDevicePicker 3.0.194.61
2024-04-09 07:43 - 2024-04-09 08:10 - 000000000 ____D C:\Users\dvacl\AppData\Local\Sun Vox
2024-04-09 07:43 - 2024-04-09 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2024-04-09 07:43 - 2024-04-09 08:10 - 000000000 ____D C:\Program Files\nodejs
2024-04-09 07:43 - 2024-04-09 07:43 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\npm
2024-04-09 07:43 - 2024-04-09 07:43 - 000000000 ____D C:\ProgramData\NetTrace
2024-04-09 07:42 - 2024-04-09 07:42 - 000000000 ___HD C:\ProgramData\Intel
2024-04-09 07:42 - 2024-04-09 07:42 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Opera Software
2024-04-09 07:42 - 2024-04-09 07:42 - 000000000 ____D C:\Users\dvacl\AppData\Local\Opera Software
2024-04-06 14:05 - 2024-04-06 14:05 - 000000000 ____D C:\ProgramData\Codemasters
2024-04-06 13:42 - 2024-04-09 04:55 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\FIFA 19
2024-04-06 13:40 - 2024-04-06 13:40 - 000000000 ____D C:\ProgramData\Origin
2024-04-06 11:17 - 2024-04-06 11:17 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-04-06 11:17 - 2024-04-06 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 19
2024-04-06 10:38 - 2024-04-06 10:38 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\FIFAData.e_p4_fifa_19_patcha.Win32
2024-04-06 05:50 - 2024-04-06 05:50 - 000000000 ____D C:\Users\dvacl\AppData\Local\ElevatedDiagnostics
2024-04-06 04:28 - 2024-04-06 04:28 - 000001192 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240406_042834.reg
2024-04-04 14:35 - 2024-04-04 14:35 - 000003762 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240404_143538.reg
2024-04-03 04:18 - 2024-04-03 04:18 - 000012376 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240403_041810.reg
2024-04-03 03:05 - 2024-04-09 15:21 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Easeware
2024-04-03 02:57 - 2024-04-03 02:57 - 000000000 ____D C:\Users\dvacl\New Folder
2024-04-03 02:55 - 2024-04-03 02:55 - 000000000 ____D C:\Users\dvacl\AppData\Local\Adaware
2024-04-03 00:17 - 2024-04-03 00:17 - 000000000 ____D C:\Users\dvacl\AppData\Local\Downloaded Installations
2024-04-02 22:41 - 2024-04-02 22:41 - 000002088 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240402_224102.reg
2024-04-02 13:37 - 2024-04-03 18:40 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\BSplayer PRO
2024-04-02 13:37 - 2024-04-02 13:37 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2024-04-02 13:37 - 2024-04-02 13:37 - 000000000 ____D C:\Program Files (x86)\Webteh
2024-04-02 07:15 - 2024-04-02 07:15 - 000017622 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240402_071550.reg
2024-04-02 07:12 - 2024-04-02 07:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1005
2024-04-02 07:11 - 2024-04-02 07:12 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-87297680-2717088268-3221549041-1005
2024-04-02 06:29 - 2024-04-02 06:29 - 000000000 ____D C:\Users\dvacl\AppData\Local\ZJMedia
2024-04-02 06:28 - 2024-04-03 04:17 - 000000000 ____D C:\Program Files (x86)\ZJMedia
2024-04-02 05:13 - 2024-04-02 05:13 - 000000000 ____D C:\Users\dvacl\AppData\Local\Topaz Labs LLC
2024-04-02 04:25 - 2024-04-02 04:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2024-04-02 02:53 - 2024-04-12 21:44 - 000000000 ____D C:\Users\dvacl\AppData\Local\D3DSCache
2024-03-28 19:55 - 2024-03-28 19:55 - 000000000 ____D C:\Users\dvacl\AppData\Local\Saber
2024-03-28 19:48 - 2024-03-28 19:48 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\RapidCRC
2024-03-28 19:02 - 2024-03-28 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Expeditions A MudRunner Game
2024-03-27 12:07 - 2024-03-27 12:07 - 000002292 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240327_110742.reg
2024-03-27 04:38 - 2024-03-27 04:40 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2024-03-27 04:38 - 2024-03-27 04:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2024-03-27 02:44 - 2024-03-27 02:44 - 000009734 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240327_014441.reg
2024-03-27 02:38 - 2024-03-27 02:38 - 000158102 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240327_013801.reg
2024-03-27 02:38 - 2024-03-27 02:38 - 000004710 _____ C:\Users\dvacl\OneDrive\Dokumenty\cc_20240327_013818.reg
2024-03-27 02:34 - 2024-03-27 02:34 - 000000000 ____D C:\ProgramData\Piriform
2024-03-27 01:59 - 2024-03-27 01:59 - 000000000 ____D C:\ProgramData\Norton
2024-03-27 01:56 - 2024-04-13 07:05 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 01:56 - 2024-03-27 02:50 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-03-27 01:56 - 2024-03-27 01:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-03-27 01:56 - 2024-03-27 01:56 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-03-27 01:56 - 2024-03-27 01:56 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - dvacl
2024-03-27 01:56 - 2024-03-27 01:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-03-26 19:07 - 2024-03-26 19:07 - 000000867 _____ C:\Users\dvacl\AppData\Local\recently-used.xbel
2024-03-26 19:07 - 2024-03-26 19:07 - 000000000 ____D C:\Users\dvacl\AppData\Local\gtk-2.0
2024-03-26 19:06 - 2024-03-26 19:07 - 000000000 ____D C:\Users\dvacl\AppData\Local\babl-0.1
2024-03-26 19:06 - 2024-03-26 19:06 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\GIMP
2024-03-26 19:06 - 2024-03-26 19:06 - 000000000 ____D C:\Users\dvacl\AppData\Local\GIMP
2024-03-26 19:06 - 2024-03-26 19:06 - 000000000 ____D C:\Users\dvacl\AppData\Local\gegl-0.4
2024-03-23 00:45 - 2024-03-23 00:48 - 000001904 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2024-03-23 00:45 - 2024-02-28 22:24 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.backup
2024-03-22 23:40 - 2024-03-22 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2024-03-22 23:40 - 2024-03-22 23:40 - 000000000 ____D C:\Program Files (x86)\FinalWire
2024-03-22 21:13 - 2024-04-07 12:06 - 000000000 ____D C:\ProgramData\TEMP
2024-03-22 21:13 - 2024-03-27 04:38 - 000002880 _____ C:\WINDOWS\system32\Tasks\WindowsUpdateService
2024-03-22 21:13 - 2024-03-27 04:38 - 000000000 ____D C:\WINDOWS\Download
2024-03-22 19:23 - 2024-04-13 07:07 - 000003100 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-03-22 19:23 - 2024-03-22 19:23 - 000000000 ____D C:\Users\dvacl\AppData\LocalLow\AMD
2024-03-22 19:22 - 2024-04-13 07:07 - 000003092 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-03-22 19:22 - 2024-03-22 19:22 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-03-22 19:22 - 2024-03-22 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-03-22 19:22 - 2024-03-22 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-03-22 19:20 - 2024-03-14 16:55 - 000856696 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-22 19:20 - 2024-03-14 16:55 - 000856696 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-22 19:20 - 2024-03-14 16:55 - 000737400 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-22 19:20 - 2024-03-14 16:55 - 000737400 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-22 19:20 - 2024-03-14 16:55 - 000681912 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-22 19:20 - 2024-03-14 16:55 - 000681912 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-22 19:20 - 2024-03-14 16:54 - 000667616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-22 19:20 - 2024-03-14 16:54 - 000667616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-22 19:20 - 2024-03-14 16:54 - 000207272 _____ C:\WINDOWS\system32\mantle64.dll
2024-03-22 19:20 - 2024-03-14 16:54 - 000186496 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-03-22 19:20 - 2024-03-14 16:54 - 000148904 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000607656 _____ C:\WINDOWS\system32\GameManager64.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000548880 _____ C:\WINDOWS\system32\libsmi_guest.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000524200 _____ C:\WINDOWS\system32\libsmi_host.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000503824 _____ C:\WINDOWS\system32\EEURestart.exe
2024-03-22 19:20 - 2024-03-14 16:53 - 000462352 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000184344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-03-22 19:20 - 2024-03-14 16:53 - 000165392 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 001617320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 001617320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000975376 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-03-22 19:20 - 2024-03-14 16:52 - 000537104 _____ C:\WINDOWS\system32\atieah64.exe
2024-03-22 19:20 - 2024-03-14 16:52 - 000473104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000406032 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-03-22 19:20 - 2024-03-14 16:52 - 000266768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000228888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000210648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000196112 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000174568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000148496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-03-22 19:20 - 2024-03-14 16:52 - 000074768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 011756928 _____ C:\WINDOWS\system32\amdsmi.exe
2024-03-22 19:20 - 2024-03-14 16:51 - 002245136 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 001338384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 001059448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 000943736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 000770984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 000138664 _____ C:\WINDOWS\system32\amdxc64.dll
2024-03-22 19:20 - 2024-03-14 16:51 - 000114704 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 004384784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 004189712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000801192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000678416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000569768 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000542736 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-03-22 19:20 - 2024-03-14 16:50 - 000471168 _____ C:\WINDOWS\system32\amdlogum.exe
2024-03-22 19:20 - 2024-03-14 16:50 - 000433576 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000187576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000056368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrmgr.stz
2024-03-22 19:20 - 2024-03-14 16:50 - 000051216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-03-22 19:20 - 2024-03-14 16:50 - 000048144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 105410176 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 088606336 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 019434000 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 001725656 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 001400112 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000524816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000390776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000337864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendr.stz
2024-03-22 19:20 - 2024-03-14 16:49 - 000176664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000167152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000157240 _____ C:\WINDOWS\system32\atidxx64.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000145424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000138224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000130872 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2024-03-22 19:20 - 2024-03-14 16:49 - 000103032 _____ C:\WINDOWS\system32\clinfo.exe
2024-03-22 19:20 - 2024-03-14 16:48 - 000572040 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-03-22 19:20 - 2024-03-14 16:48 - 000177584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-03-22 19:20 - 2024-03-14 16:48 - 000167256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-03-22 19:20 - 2024-03-14 16:48 - 000152240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-03-22 19:20 - 2024-03-14 16:48 - 000138224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-03-22 19:20 - 2024-03-14 16:13 - 109628240 _____ C:\WINDOWS\system32\amdxc64.so
2024-03-22 19:14 - 2024-03-22 19:14 - 000000000 ____D C:\Users\dvacl\AppData\Local\Wintoys
2024-03-16 16:03 - 2024-03-16 16:03 - 000000000 ____D C:\Users\dvacl\AppData\Local\Temp.scratch
2024-03-16 03:50 - 2024-03-16 03:59 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Youtube Downloader HD
2024-03-15 18:32 - 2024-03-15 18:32 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\Deus Ex - Mankind Divided
2024-03-15 18:32 - 2024-03-15 18:32 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Eidos Montreal
2024-03-15 07:54 - 2024-03-15 07:54 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\FiraxisLive
2024-03-15 07:46 - 2024-03-15 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI Rise and Fall
2024-03-15 07:03 - 2024-03-15 07:03 - 000000000 ____D C:\Program Files (x86)\VulkanRT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-13 07:09 - 2024-03-01 10:30 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-13 07:09 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-13 07:08 - 2024-02-28 22:25 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-13 07:07 - 2024-02-28 23:31 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\G HUB
2024-04-13 07:07 - 2024-02-28 23:31 - 000000000 ____D C:\Users\dvacl\AppData\Local\LGHUB
2024-04-13 07:06 - 2024-02-28 22:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-13 07:06 - 2024-02-28 22:35 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-04-13 07:06 - 2024-02-28 22:20 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-04-13 07:06 - 2019-12-07 10:32 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-13 06:58 - 2024-02-28 22:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-13 06:58 - 2024-02-28 22:27 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2024-04-13 06:58 - 2024-02-28 22:27 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2024-04-13 06:58 - 2024-02-28 22:24 - 000000000 ____D C:\WINDOWS\INF
2024-04-13 06:11 - 2024-02-28 23:06 - 000000000 ____D C:\Users\dvacl\AppData\Local\AMD_Common
2024-04-13 05:09 - 2024-02-28 22:25 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-13 05:09 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-13 05:08 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-04-13 05:07 - 2024-02-28 22:49 - 000000000 ____D C:\Users\dvacl\AppData\Local\Packages
2024-04-12 21:45 - 2024-02-28 23:16 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-12 21:43 - 2024-02-28 23:18 - 000000000 ____D C:\Users\dvacl\AppData\Local\Steam
2024-04-12 21:36 - 2024-03-01 10:31 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-11 21:24 - 2024-02-28 22:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-10 22:29 - 2024-02-28 22:34 - 000260632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-10 22:28 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-10 22:28 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-10 22:28 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-04-10 22:28 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-10 12:35 - 2024-02-28 22:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-10 12:33 - 2024-02-28 22:37 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-10 12:26 - 2024-02-29 03:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-10 12:23 - 2024-02-29 03:56 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-10 12:18 - 2024-02-28 22:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-10 12:14 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-04-09 22:07 - 2024-02-28 22:38 - 000000000 ____D C:\Users\dvacl
2024-04-09 19:32 - 2024-02-28 23:14 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2024-04-09 17:14 - 2023-10-10 23:09 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\DxO PhotoLab 7 logs
2024-04-09 17:04 - 2024-02-28 23:09 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-09 15:28 - 2024-02-28 22:25 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-09 15:26 - 2024-02-28 22:25 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-09 15:26 - 2024-02-28 22:20 - 000000000 ____D C:\WINDOWS\servicing
2024-04-09 15:25 - 2024-02-28 22:25 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-04-09 15:25 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\icsxml
2024-04-09 15:25 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-04-09 15:24 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-04-09 15:21 - 2024-02-28 22:49 - 000000000 ____D C:\Users\dvacl\AppData\Local\ConnectedDevicesPlatform
2024-04-09 15:21 - 2024-02-28 22:35 - 000000000 ____D C:\Program Files\AMD
2024-04-09 15:21 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-09 15:18 - 2024-02-28 22:25 - 000000000 ____D C:\WINDOWS\registration
2024-04-09 15:07 - 2020-06-05 17:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-09 15:06 - 2024-03-01 00:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-87297680-2717088268-3221549041-1001
2024-04-09 15:06 - 2024-02-28 22:51 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-87297680-2717088268-3221549041-1001
2024-04-09 15:06 - 2024-02-28 22:38 - 000002383 _____ C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-09 13:36 - 2020-06-05 17:00 - 000000000 ___SD C:\Users\dvacl\AppData\Roaming\Microsoft\Credentials
2024-04-09 06:48 - 2024-02-29 00:59 - 000000000 ____D C:\Users\dvacl\AppData\Local\CrashDumps
2024-04-06 14:05 - 2022-07-07 01:29 - 000000000 ____D C:\Users\dvacl\OneDrive\Dokumenty\My Games
2024-04-06 08:59 - 2024-03-09 17:08 - 000000000 ____D C:\Users\dvacl\AppData\Local\Webshare
2024-04-05 21:50 - 2020-08-28 00:24 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-05 21:44 - 2024-02-29 00:37 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{7EA3605F-04D3-4705-A9F1-B5075E66626F}
2024-04-05 21:44 - 2024-02-29 00:37 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{1A2DDF55-0C94-41A5-B20A-99F0A0A3D0C8}
2024-04-03 10:16 - 2024-03-10 00:50 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\Microsoft\MMC
2024-04-03 03:30 - 2024-02-29 02:39 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\AIMP
2024-04-03 03:25 - 2023-07-07 00:20 - 000601688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrsr.exe
2024-04-03 03:25 - 2023-07-07 00:20 - 000352304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendr.sys
2024-04-03 03:25 - 2023-07-07 00:20 - 000036800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdfendrmgr.sys
2024-04-03 03:25 - 2021-09-16 14:22 - 000044168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2024-04-02 06:23 - 2024-02-28 22:49 - 000000000 ____D C:\ProgramData\Packages
2024-04-02 05:12 - 2024-02-28 23:14 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2024-03-27 02:36 - 2024-03-09 10:33 - 000002656 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-03-27 00:30 - 2024-02-28 23:28 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-03-23 04:36 - 2017-07-04 09:05 - 000000000 ____D C:\AMD
2024-03-22 21:46 - 2024-02-28 22:49 - 000000000 ____D C:\Users\dvacl\AppData\Local\AMD
2024-03-22 19:22 - 2024-02-28 23:10 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-03-22 19:22 - 2024-02-28 23:10 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-03-22 19:14 - 2024-02-28 22:51 - 000000000 ____D C:\Users\dvacl\AppData\Local\PlaceholderTileLogoFolder
2024-03-16 23:45 - 2022-08-18 02:04 - 000000000 ___HD C:\Users\dvacl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-16 10:30 - 2024-02-28 23:31 - 000000000 ____D C:\Users\dvacl\AppData\Roaming\lghub
2024-03-14 16:52 - 2024-01-25 16:22 - 002099728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-03-14 16:50 - 2024-01-25 16:22 - 000232296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
==================== Files in the root of some directories ========
2024-04-09 07:45 - 2024-04-09 08:15 - 000000004 ____H () C:\ProgramData\rc61.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000128 ____H () C:\ProgramData\resource-a.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000128 ____H () C:\ProgramData\resource-b.dat
2024-04-09 07:44 - 2024-04-09 07:44 - 000000008 ____H () C:\ProgramData\ts61.dat
2024-03-26 19:07 - 2024-03-26 19:07 - 000000867 _____ () C:\Users\dvacl\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by dvacl (13-04-2024 07:09:34)
Running from C:\Users\dvacl\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) (2024-02-28 20:48:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-87297680-2717088268-3221549041-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-87297680-2717088268-3221549041-503 - Limited - Disabled)
dvacl (S-1-5-21-87297680-2717088268-3221549041-1001 - Administrator - Enabled) => C:\Users\dvacl
Guest (S-1-5-21-87297680-2717088268-3221549041-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-87297680-2717088268-3221549041-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_1) (Version: 13.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_5_1) (Version: 25.5.1.408 - Adobe Inc.)
AIDA64 Extreme v7.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.00 - FinalWire Ltd.)
AIMP (HKLM\...\AIMP) (Version: 5.30.2533 - Artem Izmaylov)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.3.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.78.1094 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.22 - Piriform)
DxO FilmPack 7 (HKLM\...\DxO FilmPack 7) (Version: 7.5.0 - DxO Labs)
DxO PhotoLab 7 (HKLM\...\{43EEE222-DBA7-432B-81B7-C9FB5C5C7349}) (Version: 7.5.0 - DxO)
DxO PhotoLab 7 plug-in for Adobe Lightroom (HKLM-x32\...\{F222C53C-2900-4DC7-A3BF-926BCA1075CC}) (Version: 1.7.0 - DxO Labs)
DxO PureRAW 3 (HKLM\...\{EF33E862-1230-464E-9869-991EF5206138}) (Version: 3.11.0 - DxO)
DxO PureRAW 4 (HKLM\...\{AB369923-D5F0-4F94-881F-8D4C35C346AF}) (Version: 4.0.1 - DxO)
DxO ViewPoint 4 (HKLM\...\DxO ViewPoint 4) (Version: 4.15.0 - DxO Labs)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Expeditions A MudRunner Game (HKLM-x32\...\Expeditions A MudRunner Game_is1) (Version: - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
GIMP 2.10.36-1 (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\GIMP-2_is1) (Version: 2.10.36 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.122 - Google LLC)
HDD Regenerator (HKLM-x32\...\{8B070D64-6C50-42B0-BCEB-485868C9945E}) (Version: 20.24.0000 - Abstradrome)
Helicon Focus 8.0.2.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.2.534136 - Logitech)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\OneDriveSetup.exe) (Version: 24.055.0317.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (HKLM\...\{764384C5-BCA9-307C-9AAC-FD443662686A}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (HKLM\...\{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (HKLM-x32\...\{3D6AD258-61EA-35F5-812C-B7A02152996E}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (HKLM-x32\...\{E7D4E834-93EB-351F-B8FB-82CDAE623003}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.6 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.6 Beta 3 - MSI Co., LTD)
Nik Collection 6 (HKLM-x32\...\{228de69f-b53e-43df-9f8c-03306b92babc}) (Version: 6.9.0 - DxO)
NikCollection (HKLM\...\{D80ED4A7-942A-4090-A5A0-BDE02060F3DA}) (Version: 6.9.0.1 - DxO) Hidden
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.4.13.231129 - XPPen Technology)
Remote Mouse (HKLM-x32\...\{B3D9946A-9FB8-4803-9A68-857D447D9A85}) (Version: 4.602 - Remoe Mouse)
Sid Meiers Civilization VI Rise and Fall (HKLM-x32\...\Sid Meiers Civilization VI Rise and Fall_is1) (Version: - )
SPC Gear GK550 Omnis Kailh RGB (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 1.00 - COOLING.PL Zdziech Spolka Jawna)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.57.0 - TechPowerUp)
Topaz Photo AI (HKLM\...\{5AAF2AFD-8420-44A1-9D2F-F096F5CC0190}) (Version: 2.4.2 - Topaz Labs LLC)
Topaz Video AI (HKLM\...\{21EC2069-A728-4461-A25F-0C07B888A3B7}) (Version: 4.1.0 - Topaz Labs LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Upscayl 2.9.9 (HKLM\...\2e801529-9c6a-5917-960e-278558728760) (Version: 2.9.9 - Nayam Amarshe)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wargaming.net Game Center) (Version: 24.1.0.5433 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 7.00 beta 4 64-bit (HKLM\...\WinRAR archiver) (Version: 7.00.4 - win.rar GmbH)
Wondershare Filmora 13(Build 13.0.60.5095) (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
World of Tanks EU (HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\2795244777) (Version: - Wargaming.net)
Yottamaster RAID Manager (HKLM-x32\...\JMRAIDManager) (Version: 0.00.02 - Jmicron Technologies Co.,Ltd)
Youtube Downloader HD v. 5.4.3 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Zoner Photo Studio X 19.2209.2.437 (HKLM-x32\...\Zoner Photo Studio X_is1) (Version: 19.2209.2.437 - LR)
Packages:
=========
Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.37.0_x64__k42naep6bwmrc [2024-04-09] (Optimilia Studios)
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-04-09] (Microsoft Corporation)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-09] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2414.8.0_x64__cv1g1gvanyjgm [2024-04-12] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2024-04-09] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.95.533.0_x64__8wekyb3d8bbwe [2024-04-10] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-87297680-2717088268-3221549041-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\dvacl\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-01] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-01] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-02-29] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-02-29] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2024-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-01] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-01-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-03-10 00:55 - 2020-06-04 06:51 - 000015960 _____ () [File not signed] C:\Program Files (x86)\JMRAIDManager\mingwm10.dll
2024-02-29 03:56 - 2024-02-29 03:56 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2024-03-10 00:55 - 2020-06-04 06:51 - 001020416 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\JMRAIDManager\libeay32.dll
2024-03-10 00:55 - 2020-06-04 06:51 - 000216064 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\JMRAIDManager\ssleay32.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2024-02-28 22:56 - 2023-07-28 16:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2024-02-28 22:56 - 2023-09-27 19:19 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll
2024-02-28 22:56 - 2023-09-19 18:03 - 000146944 _____ (TODO: <公司名>) [File not signed] C:\WINDOWS\SYSTEM32\wintab32.DLL
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:4FB9487F [184]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-02-28 22:25 - 2024-04-13 06:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dvacl\Desktop\leden-23- (11)b.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "DxO PureRAW 4.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Launch 0 FwCustom"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "HDD Regenerator"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_DD7281EFDCD22F0502B4473C5E1909BC"
HKU\S-1-5-21-87297680-2717088268-3221549041-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ED0E3125-3783-4E58-937F-371408825302}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F241185-5921-4BBB-AF38-02F6DBEBB8D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{965E67B0-06DE-49F3-A60E-D808F2A87E22}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D403C6C6-E4AE-4AA8-A830-F6775C901585}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.112.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{754A7DF6-37D9-4194-A2EF-A1D2D20857AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9645FD70-3283-4877-886F-D520FE1133EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2D056D73-28DA-409C-A6F8-5BF194F986A1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E8846403-14EA-470A-8F2F-F46AD68684F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{CC8B2DDF-480A-42F5-9808-44A2A11FBC9D}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{5FBD3AF4-AA81-4D25-B104-3164D303F2D2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{757195F1-C208-407D-B379-4DF52345D39C}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (Shenzhen EMote Inc. -> remotemouse.net)
FirewallRules: [UDP Query User{32956EBA-DE5D-4DB4-9DC1-69B87017964D}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe (Shenzhen EMote Inc. -> remotemouse.net)
FirewallRules: [{E8F33C70-AE1A-4242-B20B-FB81883AA4A6}] => (Allow) C:\Users\dvacl\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [TCP Query User{BBB8D10D-076B-4151-9622-B7272231824D}C:\games\world of tanks\win64\worldoftanks.exe] => (Allow) C:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6F992FD4-8222-436F-916A-CEC243AC1D33}C:\games\world of tanks\win64\worldoftanks.exe] => (Allow) C:\games\world of tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{BBABCBEB-C396-4B35-B8AF-AE86FF63D03A}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{BDDAF6E4-D68B-47E6-B0B4-697400CAE199}] => (Allow) D:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{5F269676-1439-4BAD-9979-6B8AF4EC5458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{6AF1B63B-27EB-487B-AB88-33A28765BAA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{CE374F64-3C61-4E60-B6DA-1FB85B76D74F}] => (Block) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe (FinalWire Kft. -> FinalWire Ltd.)
FirewallRules: [{4984285B-623C-453E-9A34-C7DAE5B772FA}] => (Block) C:\Program Files\CCleaner\CCleaner.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{B7B9F5A4-AA3F-4E89-9990-86BE3A2A0131}] => (Block) C:\Program Files\CCleaner\CCleaner64.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) [File not signed]
FirewallRules: [{1D485C73-34A1-47A3-AAD7-3559545C6035}] => (Allow) D:\Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2C9DB008-4FBC-46A9-BB12-7404BAB2DA5B}] => (Allow) D:\Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{924C8E0A-4460-43C1-B066-7F8D83317F7F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97A4892C-6589-42D1-A2E1-C54C99F19054}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
06-04-2024 11:16:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
06-04-2024 11:16:42 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
06-04-2024 15:36:37 Removed DxO PureRAW 3
06-04-2024 15:39:03 Installed DxO PureRAW 4
09-04-2024 06:43:02 Removed DxO PureRAW 4
09-04-2024 07:02:20 Installed DxO PureRAW 3
09-04-2024 07:58:50 Operace obnovení
09-04-2024 08:30:43 Instalační služba modulů systému Windows
09-04-2024 15:11:02 Instalační služba modulů systému Windows
09-04-2024 15:17:07 Instalační služba modulů systému Windows
09-04-2024 16:16:08 Removed DxO PhotoLab 7
09-04-2024 16:47:23 Installed DxO PhotoLab 7
09-04-2024 16:48:27 Installed DxO PhotoLab 7 plug-in for Adobe Lightroom
09-04-2024 17:09:08 Installed DxO PureRAW 3
10-04-2024 12:26:47 Instalační služba modulů systému Windows
10-04-2024 12:28:50 Instalační služba modulů systému Windows
13-04-2024 03:52:23 Installed DxO PureRAW 4
13-04-2024 06:32:13 JRT Pre-Junkware Removal
13-04-2024 06:48:06 JRT Pre-Junkware Removal
13-04-2024 07:03:27 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/13/2024 06:51:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: RemoteMouse.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
na System.Windows.Forms.Control.MarshaledInvoke(System.Windows.Forms.Control, System.Delegate, System.Object[], Boolean)
na System.Windows.Forms.Control.Invoke(System.Delegate, System.Object[])
na RemoteMouse.Form_Main.h()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (04/13/2024 04:43:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bad disk (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/13/2024 04:43:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/13/2024 04:01:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bad disk (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/13/2024 04:01:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/13/2024 01:33:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bad disk (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/13/2024 01:33:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HDD (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/12/2024 10:09:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bad disk (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (04/13/2024 07:06:56 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/13/2024 06:52:17 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/13/2024 06:45:47 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (04/13/2024 06:11:14 AM) (Source: DCOM) (EventID: 10000) (User: RUDOLF)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/13/2024 05:24:56 AM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/13/2024 01:48:16 AM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/12/2024 10:16:56 PM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/11/2024 03:51:17 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Windows Defender:
================
Date: 2024-03-22 18:47:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {780126D3-947A-47D5-8A8C-BB58F2E13030}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-20 12:13:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {83237CA1-A284-4040-96CE-AC54C5FF00A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-19 08:28:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0299B1D8-CF56-4387-B230-FB819EF0DBFD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-18 12:52:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6E5A8675-D87A-4765-9DD2-030F79B4F44E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-16 09:52:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4F7F5EE1-2456-4566-94D3-A5B098F0E49C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2024-04-09 14:53:24
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2024-04-09 13:28:00
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2024-04-09 08:17:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
==================== Memory info ===========================
BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 14%
Total physical RAM: 24523.45 MB
Available physical RAM: 21013.5 MB
Total Virtual: 28107.45 MB
Available Virtual: 21954.2 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:444.77 GB) (Free:113.48 GB) (Model: Patriot Burst) NTFS
Drive d: (SSD) (Fixed) (Total:447.14 GB) (Free:185.43 GB) (Model: Patriot Burst) NTFS
Drive e: (Yotta) (Fixed) (Total:2324.37 GB) (Free:131.39 GB) (Model: Microsoft Storage Space Device) NTFS
Drive g: (Bad disk) (Fixed) (Total:298.09 GB) (Free:297.99 GB) (Model: Hitachi HTS543232L9A300) NTFS
Drive h: (HDD) (Fixed) (Total:465.63 GB) (Free:73.73 GB) (Model: SAMSUNG HM500JI) NTFS
\\?\Volume{b65e040e-a494-4b6d-93d6-0bc9300a99a3}\ () (Fixed) (Total:2.24 GB) (Free:1.7 GB) NTFS
\\?\Volume{d765b008-6d47-4712-b3df-090dbd5ce3c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 0610802F)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 56DA8679)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 098B4315)
Partition: GPT.
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C87DD721)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=42)
==========================================================
Disk: 4 (Size: 298.1 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==========================================================
Disk: 5 (Protective MBR) (Size: 2328.6 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
Ahoj,
preventivne prescanuj s Avptool - KVRT
preventivne prescanuj s Avptool - KVRT
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?