Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Rudolf (administrator) on RUDOLF (MSI MS-7758) (14-12-2024 04:08:27)
Running from C:\Users\Rudolf\Desktop\FRST64.exe
Loaded Profiles: Rudolf
Platform: Microsoft Windows 11 Pro Version 24H2 26100.2605 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Users\Rudolf\Desktop\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2410.21.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1185688 2023-11-30] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-09-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\Shell.exe [3082136 2023-04-24] (Primochenko Dmitriy Valeryevich -> )
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3911208 2024-12-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22373784 2024-12-05] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [Zoner Photo Studio Autoupdate] => [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\MountPoints2: {1ccff8e9-ae62-11ef-a535-001fcf506634} - "F:\HonorSuiteOnlineInstaller.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.140\Installer\chrmstp.exe [2024-12-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F051581B-5C06-4D33-86D8-0B16CC88B747} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {8953CC15-8792-4F3D-9363-9A14E93BD4B3} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {81370D7C-21E6-4381-A9E5-A028EABF34EE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {3ADF9F30-31EA-4A2C-A932-A20F92D2D149} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {8A922ED8-66A7-4FED-8D3C-6384EF872303} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "90887f97-dc95-428a-96ca-68171943d7cc" --version "6.31.11415" --silent
Task: {88F1E062-DCF4-40AD-BA77-9A47346632DE} - System32\Tasks\CCleanerSkipUAC - Rudolf => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {69F21AC0-61ED-4D02-A5D3-8959ABE6DE5E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Rudolf\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-01] (ESET, spol. s r.o. -> ESET)
Task: {AF203361-19BA-4E1B-9B9A-6B879CB9E01D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Rudolf\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15204208 2024-12-01] (ESET, spol. s r.o. -> ESET)
Task: {66CBDAFE-6797-4D1D-901F-9F4E95BB7039} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{1BCB92B1-ED1D-42F2-B114-D4A1E67E7211} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {703C4C0D-5033-4924-AE44-2572EED2C5BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {696C9E25-F067-4B07-881D-B73183190F1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C93EC5E-A054-46D8-A03F-1525B4AE830F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14390FDF-FE9A-42E6-8C82-30411811B535} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77EB04F8-C418-408F-8805-0C88E9DE2A51} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {978D8979-5B34-4823-9C91-B690B140F6DE} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {A87DAD75-2D9C-4D9C-B894-5A62958F832D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {7661D4FF-F14A-4296-97D4-FB84C62FCFD4} - System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{f0827c24-e497-478e-be66-239a15170472}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{f0827c24-e497-478e-be66-239a15170472}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-13]
Edge HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
Edge StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... oogle.com/"
Edge Extension: (Blokátor reklam AdGuard (MV3 Beta)) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\apjcbfpjihpedihablmalmbbhjpklbdf [2024-12-11]
Edge Extension: (Video Player) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bobjnignhcpkfnjcgegmdjijonimcmke [2024-11-29]
Edge Extension: (Send to Kindle pro Google Chrome™) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-11-29]
Edge Extension: (Ruffle - Flash Emulator) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2024-12-11]
Edge Extension: (Záložky na iCloudu) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2024-12-01]
Edge Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-29]
Edge Extension: (No Name) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-11-29]
Edge Extension: (Dark Reader) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifoakfbpdcdoeenechcleahebpibofpc [2024-11-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-29]
Edge Extension: (Rozšíření Google Keep pro Chrome) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2024-12-06]
Edge Extension: (Hesla na iCloudu) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfbcdcnpokpoajjciilocoachedjkima [2024-11-30]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-12-11]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-11-29]
Edge Extension: (Hesla na iCloudu) - C:\Users\Rudolf\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pejdijmoenmkgeppbflobdenhhabjlaj [2024-12-01]
Chrome:
=======
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default [2024-12-14]
CHR DownloadDir: E:\Download
CHR HomePage: Default -> hxxp://www.centrum.cz/#utm_source=icq&utm_medium=centrum
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.cz/ ... google.com"
CHR Extension: (Blokátor reklam AdGuard (MV3 Beta)) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjcbfpjihpedihablmalmbbhjpklbdf [2024-12-13]
CHR Extension: (Send to Kindle pro Google Chrome™) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2024-11-29]
CHR Extension: (Dark Reader) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
S4 hrsrv; C:\Program Files (x86)\HDD Regenerator\hdsrv.exe [3610520 2023-04-24] (Primochenko Dmitriy Valeryevich -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11744152 2024-12-05] (Logitech Inc -> Logitech, Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray_service.exe [11177064 2024-11-30] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys [112952 2024-06-15] (AMD Test Build -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2023-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-11-30] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-11-30] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-11-30] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_3786a31d1dad269d\logi_lamparray.sys [89192 2024-11-30] (Logitech Inc -> Logitech, Inc.)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-11-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-11-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-29] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\WINDOWS\System32\drivers\XPPenTablet.sys [10752 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-14 04:07 - 2024-12-14 04:08 - 000031166 _____ C:\Users\Rudolf\Desktop\Addition.txt
2024-12-14 04:04 - 2024-12-14 04:08 - 000019132 _____ C:\Users\Rudolf\Desktop\FRST.txt
2024-12-14 04:04 - 2024-12-14 04:08 - 000000000 ____D C:\FRST
2024-12-14 03:54 - 2024-12-14 03:55 - 002402304 _____ (Farbar) C:\Users\Rudolf\Desktop\FRST64.exe
2024-12-14 03:51 - 2024-12-14 03:51 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2024-12-14 03:51 - 2024-12-14 03:51 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2024-12-13 19:14 - 2024-12-13 19:14 - 000002324 _____ C:\Users\Rudolf\Documents\cc_20241213_191432.reg
2024-12-11 01:09 - 2024-12-11 01:09 - 000001836 _____ C:\Users\Rudolf\Documents\cc_20241211_010916.reg
2024-12-11 00:06 - 2024-12-14 03:34 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-12-10 20:55 - 2024-12-14 03:45 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2024-12-10 20:55 - 2024-12-14 03:43 - 000003282 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2024-12-10 19:42 - 2024-12-10 19:42 - 000020270 _____ C:\Users\Rudolf\Documents\cc_20241210_194235.reg
2024-12-10 19:29 - 2024-12-14 03:45 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-12-10 19:29 - 2024-12-14 03:43 - 000003010 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-12-10 19:29 - 2024-12-14 03:43 - 000002312 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Rudolf
2024-12-10 19:29 - 2024-12-10 19:29 - 000000000 ____D C:\ProgramData\Piriform
2024-12-10 19:29 - 2024-12-10 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-12-10 19:28 - 2024-12-14 03:43 - 000000000 ____D C:\Program Files\CCleaner
2024-12-10 19:24 - 2024-12-10 19:24 - 000023968 _____ C:\Users\Rudolf\Documents\keygen.reg
2024-12-10 13:16 - 2024-12-10 13:23 - 000000000 ____D C:\ProgramData\TEMP
2024-12-10 13:16 - 2024-12-10 13:21 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator
2024-12-10 13:16 - 2024-12-10 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator
2024-12-10 13:15 - 2024-12-14 03:44 - 000002574 _____ C:\WINDOWS\system32\Tasks\WindowsUpdateService
2024-12-10 13:15 - 2024-12-10 13:54 - 000000000 ____D C:\WINDOWS\Download
2024-12-09 15:44 - 2024-12-09 15:44 - 000000000 ____D C:\Users\Rudolf\AppData\Local\bunkus.org
2024-12-09 15:43 - 2024-12-09 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2024-12-09 15:43 - 2024-12-09 15:43 - 000000000 ____D C:\Program Files\MKVToolNix
2024-12-09 15:37 - 2024-12-09 15:37 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\kmp64
2024-12-09 15:37 - 2024-12-09 15:37 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\KMP
2024-12-09 15:36 - 2024-12-09 15:36 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KMPlayer 64X
2024-12-09 15:36 - 2024-12-09 15:36 - 000000000 ____D C:\Program Files\KMPlayer 64X
2024-12-09 10:16 - 2024-12-09 10:16 - 000000017 _____ C:\Users\Rudolf\AppData\Local\resmon.resmoncfg
2024-12-06 10:21 - 2024-12-06 10:21 - 000000112 ___SH C:\bootTel.dat
2024-12-06 01:56 - 2024-12-06 01:56 - 000005174 _____ C:\Users\Rudolf\Documents\cc_20241206_015653.reg
2024-12-05 23:56 - 2024-12-05 23:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-12-05 23:56 - 2024-12-05 23:56 - 000000000 ____D C:\Program Files\LGHUB
2024-12-05 21:01 - 2024-12-05 21:01 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe DNG Converter.lnk
2024-12-05 21:00 - 2024-12-05 21:00 - 000000000 ____D C:\Program Files\Adobe
2024-12-05 20:53 - 2024-12-10 18:53 - 000000000 ____D C:\Users\Rudolf\AppData\Local\HeliconFocus
2024-12-05 20:53 - 2024-12-05 20:53 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CaptureOne
2024-12-05 20:53 - 2024-12-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helicon Software
2024-12-05 20:53 - 2024-12-05 20:53 - 000000000 ____D C:\Program Files\Helicon Software
2024-12-05 20:50 - 2024-12-05 20:51 - 000000000 ____D C:\Program Files (x86)\Sequator162r2
2024-12-05 20:17 - 2024-12-05 20:17 - 000000000 ____D C:\Program Files\Common Files\Logitech
2024-12-05 20:16 - 2024-12-05 20:16 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Logitech
2024-12-05 20:16 - 2024-12-05 20:16 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Logishrd
2024-12-05 14:58 - 2024-12-05 15:00 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-12-05 14:58 - 2024-12-05 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-12-05 14:39 - 2024-12-05 14:39 - 000002136 _____ C:\Users\Rudolf\Documents\cc_20241205_143945.reg
2024-12-05 13:05 - 2024-12-05 13:11 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2024-12-05 13:05 - 2024-12-05 13:05 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2024-12-05 13:05 - 2024-12-05 13:05 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2024-12-05 12:54 - 2024-12-05 12:54 - 000005396 _____ C:\Users\Rudolf\Documents\cc_20241205_125420.reg
2024-12-05 12:48 - 2024-12-05 12:48 - 000013746 _____ C:\Users\Rudolf\Documents\cc_20241205_124828.reg
2024-12-05 11:26 - 2024-12-05 11:26 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Goldberg SocialClub Emu Saves
2024-12-05 11:25 - 2024-12-05 11:25 - 000000000 ____D C:\Users\Rudolf\Documents\Rockstar Games
2024-12-05 11:25 - 2024-12-05 11:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Rockstar Games
2024-12-05 10:32 - 2024-12-05 14:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2024-12-05 10:32 - 2024-12-05 10:32 - 000000000 ___HD C:\Program Files (x86)\Temp
2024-12-05 10:32 - 2024-12-05 10:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-12-05 10:32 - 2024-12-05 10:32 - 000000000 ____D C:\Program Files\Realtek
2024-12-05 10:32 - 2024-12-05 10:32 - 000000000 ____D C:\Program Files (x86)\Realtek
2024-12-05 10:32 - 2021-09-26 20:12 - 000192880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2024-12-05 10:32 - 2021-09-26 20:11 - 003843944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2024-12-05 10:32 - 2021-09-26 20:10 - 006532712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-12-05 10:32 - 2021-09-26 20:10 - 000023600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2024-12-05 10:32 - 2019-04-15 13:13 - 002856624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2024-12-05 08:41 - 2024-12-05 08:41 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\RapidCRC
2024-12-05 03:31 - 2024-12-05 03:31 - 000001072 _____ C:\Users\Rudolf\Documents\cc_20241205_033149.reg
2024-12-05 03:28 - 2024-12-05 03:28 - 000005524 _____ C:\Users\Rudolf\Documents\cc_20241205_032840.reg
2024-12-05 03:14 - 2024-12-05 03:14 - 000012376 _____ C:\Users\Rudolf\Documents\cc_20241205_031423.reg
2024-12-05 03:07 - 2024-12-05 03:07 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Intel
2024-12-05 03:07 - 2024-12-05 03:07 - 000000000 ____D C:\ProgramData\Intel
2024-12-05 02:56 - 2024-12-07 02:31 - 000000000 ____D C:\WINDOWS\pss
2024-12-05 01:38 - 2024-12-05 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2024-12-05 01:38 - 2024-12-05 01:38 - 000000000 ____D C:\Program Files (x86)\FinalWire
2024-12-05 00:06 - 2024-12-05 00:06 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\16HD
2024-12-05 00:04 - 2024-12-05 00:04 - 000002058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO PureRAW 3.lnk
2024-12-04 23:48 - 2024-12-05 03:18 - 000000000 ____D C:\ProgramData\DxO Labs
2024-12-04 23:48 - 2024-12-05 03:18 - 000000000 ____D C:\Program Files\DxO
2024-12-01 02:39 - 2024-12-01 02:39 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-11-30 19:11 - 2024-11-30 19:45 - 000000000 ____D C:\Users\Rudolf\AppData\Local\GameAnalytics
2024-11-30 19:10 - 2024-11-30 19:10 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Unreal Engine
2024-11-30 19:10 - 2024-11-30 19:10 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Stalker2
2024-11-30 19:10 - 2024-11-30 19:10 - 000000000 ____D C:\Users\Public\Documents\Steam
2024-11-30 17:49 - 2024-12-05 20:05 - 000000000 ____D C:\Users\Rudolf\Documents\My Games
2024-11-30 17:27 - 2024-11-30 17:27 - 000000914 _____ C:\Users\Rudolf\Documents\cc_20241130_172732.reg
2024-11-30 17:15 - 2024-12-01 19:04 - 000003844 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-11-30 17:15 - 2024-12-01 19:04 - 000003402 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-11-30 14:21 - 2024-12-06 05:22 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CrashDumps
2024-11-30 14:21 - 2024-11-30 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio X
2024-11-30 14:20 - 2024-11-30 14:21 - 000000000 ____D C:\Program Files (x86)\Zoner Photo Studio X
2024-11-30 13:27 - 2024-12-05 11:51 - 000001162 _____ C:\WINDOWS\system32\config\VSMIDK
2024-11-30 13:21 - 2024-11-30 13:21 - 000131818 _____ C:\Users\Rudolf\Documents\cc_20241130_132119.reg
2024-11-30 13:14 - 2024-11-30 13:14 - 000000000 ____D C:\ProgramData\Zoner
2024-11-30 12:57 - 2024-11-30 12:57 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Red Dead Redemption
2024-11-30 12:57 - 2024-11-30 12:57 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\.1911
2024-11-30 12:50 - 2024-12-11 02:13 - 000001382 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-11-30 12:50 - 2024-12-01 16:45 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ESET
2024-11-30 12:47 - 2024-11-30 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia - Definitive Edition [GOG.com]
2024-11-30 12:47 - 2024-11-30 12:47 - 000000000 ____D C:\ProgramData\GOG.com
2024-11-30 12:20 - 2024-11-30 12:20 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Topaz Labs LLC
2024-11-30 11:33 - 2024-12-14 03:39 - 000000000 ____D C:\Users\Rudolf\AppData\Local\LGHUB
2024-11-30 11:33 - 2024-12-06 00:04 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\lghub
2024-11-30 11:33 - 2024-12-06 00:04 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\G HUB
2024-11-30 11:33 - 2024-12-05 20:17 - 000000000 ____D C:\Program Files\Logitech
2024-11-30 11:33 - 2024-11-30 11:33 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys
2024-11-30 11:33 - 2024-11-30 11:33 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys
2024-11-30 11:33 - 2024-11-30 11:33 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys
2024-11-30 11:33 - 2024-11-30 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2024-11-30 11:33 - 2024-11-30 11:33 - 000000000 ____D C:\ProgramData\Logishrd
2024-11-30 11:33 - 2024-11-30 11:33 - 000000000 ____D C:\Program Files\Logi
2024-11-30 11:32 - 2024-11-30 11:33 - 000000000 ____D C:\ProgramData\LGHUB
2024-11-30 11:32 - 2024-11-30 11:32 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2024-11-30 11:32 - 2024-11-30 11:32 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2024-11-30 11:31 - 2024-11-30 13:29 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Sentry
2024-11-30 11:29 - 2024-11-30 13:29 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Luminar Neo
2024-11-30 11:29 - 2024-11-30 11:29 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Luminar Neo.lnk
2024-11-30 11:25 - 2024-11-30 11:25 - 000000000 ____D C:\ProgramData\CyberMania
2024-11-30 11:25 - 2024-11-30 11:25 - 000000000 ____D C:\Program Files\Skylum
2024-11-30 08:35 - 2024-11-30 08:35 - 000000000 ____D C:\Users\Rudolf\AppData\Local\cache
2024-11-30 08:34 - 2024-11-30 08:34 - 000000000 ____D C:\ProgramData\Reprise
2024-11-30 08:31 - 2024-12-04 23:46 - 000000000 ____D C:\Users\Rudolf\AppData\Local\DxO_Labs
2024-11-30 03:54 - 2024-12-14 04:00 - 000000000 ___RD C:\Users\Rudolf\Desktop\卐
2024-11-30 03:19 - 2024-11-30 03:19 - 000000000 ____D C:\ProgramData\Apple Computer
2024-11-30 03:16 - 2024-11-30 03:16 - 000000000 ____D C:\ProgramData\Apple Inc
2024-11-30 03:16 - 2024-11-30 03:16 - 000000000 ____D C:\ProgramData\Apple
2024-11-30 03:04 - 2024-12-10 17:51 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\AIMP
2024-11-30 03:04 - 2024-11-30 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2024-11-30 03:04 - 2024-11-30 14:43 - 000000000 ____D C:\Program Files\AIMP
2024-11-30 02:59 - 2024-11-30 02:59 - 000000000 ____D C:\Users\Rudolf\Documents\Adobe
2024-11-30 02:58 - 2024-11-30 02:58 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\Adobe
2024-11-30 02:43 - 2024-11-30 12:51 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Adobe
2024-11-30 02:43 - 2024-11-30 02:58 - 000000000 ____D C:\ProgramData\Adobe
2024-11-30 02:40 - 2024-11-30 02:40 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-11-29 23:00 - 2024-12-05 03:45 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Wargaming.net
2024-11-29 22:59 - 2024-11-29 23:00 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2024-11-29 22:59 - 2024-11-29 22:59 - 000000000 ____D C:\ProgramData\Wargaming.net
2024-11-29 22:58 - 2024-11-29 22:58 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pentablet
2024-11-29 22:58 - 2023-09-19 17:03 - 000146944 _____ (TODO: <公司名>) C:\WINDOWS\system32\WinTab32.dll
2024-11-29 22:58 - 2023-09-19 17:03 - 000126464 _____ (TODO: <公司名>) C:\WINDOWS\SysWOW64\WinTab32.dll
2024-11-29 22:57 - 2024-11-30 08:57 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Pentablet V3
2024-11-29 22:57 - 2024-11-29 22:58 - 000000000 ____D C:\Program Files\Pentablet
2024-11-29 19:40 - 2024-12-14 03:58 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Zoner
2024-11-29 19:40 - 2024-11-30 14:23 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Zoner
2024-11-29 19:38 - 2024-11-29 19:38 - 000000000 ____D C:\Users\Administrator
2024-11-29 19:31 - 2024-12-09 03:12 - 000000000 ____D C:\Users\Rudolf\AppData\Local\NVIDIA Corporation
2024-11-29 19:28 - 2024-11-30 19:10 - 000000000 ____D C:\Users\Rudolf\AppData\Local\UnrealEngine
2024-11-29 19:28 - 2024-11-29 19:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\UnrealEngineLauncher
2024-11-29 19:28 - 2024-11-29 19:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Steam
2024-11-29 19:28 - 2024-11-29 19:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\EpicGamesLauncher
2024-11-29 19:28 - 2024-11-29 19:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Epic Games
2024-11-29 19:28 - 2024-11-29 19:28 - 000000000 ____D C:\Users\Rudolf\AppData\Local\CEF
2024-11-29 19:27 - 2024-11-29 19:31 - 000000000 ____D C:\ProgramData\Epic
2024-11-29 19:27 - 2024-11-29 19:28 - 000000000 ____D C:\Program Files (x86)\Epic Games
2024-11-29 19:27 - 2024-11-29 19:27 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2024-11-29 19:24 - 2024-12-14 03:48 - 000000000 ____D C:\Program Files (x86)\Steam
2024-11-29 19:24 - 2024-11-29 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-11-29 16:23 - 2024-12-13 23:19 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Webshare
2024-11-29 16:23 - 2024-11-29 16:23 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2024-11-29 16:23 - 2024-11-29 16:23 - 000000000 ____D C:\Program Files\Webshare klient
2024-11-29 15:42 - 2024-11-29 15:42 - 000052288 _____ C:\Users\Rudolf\Documents\cc_20241129_154248.reg
2024-11-29 15:36 - 2024-11-29 15:36 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Backup
2024-11-29 14:26 - 2024-11-29 14:26 - 000000000 ____D C:\Intel
2024-11-29 14:19 - 2024-11-29 14:19 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2024-11-29 14:13 - 2024-12-12 22:31 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-29 14:13 - 2024-11-29 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-11-29 14:13 - 2024-11-29 14:13 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Google
2024-11-29 14:13 - 2024-11-29 14:13 - 000000000 ____D C:\Program Files\Google
2024-11-29 14:13 - 2024-11-29 14:13 - 000000000 ____D C:\Program Files (x86)\Google
2024-11-29 13:44 - 2024-11-29 13:44 - 000027132 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-29 13:44 - 2024-11-29 13:44 - 000027132 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-11-29 13:44 - 2024-11-29 13:44 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2024-11-29 12:59 - 2024-11-29 12:59 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ToastNotificationManagerCompat
2024-11-29 12:46 - 2024-12-13 19:46 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-29 12:25 - 2024-11-29 12:25 - 000000000 ___HD C:\OneDriveTemp
2024-11-29 12:25 - 2024-11-29 12:25 - 000000000 ____D C:\Users\Rudolf\AppData\Local\OneDrive
2024-11-29 12:24 - 2024-09-04 08:43 - 000116944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2024-11-29 12:20 - 2024-11-30 15:04 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\windows
2024-11-29 12:18 - 2024-12-14 03:45 - 000003102 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-11-29 12:18 - 2024-12-14 03:45 - 000003094 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-11-29 12:18 - 2024-12-11 14:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-29 12:18 - 2024-11-29 12:18 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2024-11-29 12:18 - 2024-11-29 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2024-11-29 12:18 - 2024-11-29 12:18 - 000000000 ____D C:\ProgramData\AMD
2024-11-29 12:17 - 2024-12-05 16:44 - 000002194 _____ C:\WINDOWS\system32\Tasks\StartCN
2024-11-29 12:17 - 2024-12-05 16:44 - 000002114 _____ C:\WINDOWS\system32\Tasks\StartDVR
2024-11-29 12:17 - 2024-12-05 14:39 - 000000000 ____D C:\ProgramData\Package Cache
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\Program Files\MSBuild
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-11-29 12:17 - 2024-11-29 12:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-11-29 12:16 - 2024-09-04 08:44 - 002100128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 001617824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000978336 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000856864 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000737696 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000682400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000610720 _____ C:\WINDOWS\system32\GameManager64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000537504 _____ C:\WINDOWS\system32\atieah64.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000504088 _____ C:\WINDOWS\system32\EEURestart.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000473480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000464288 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000406408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-11-29 12:16 - 2024-09-04 08:44 - 000267168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000229280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000211128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000207776 _____ C:\WINDOWS\system32\mantle64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000196512 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000186656 _____ C:\WINDOWS\system32\mantleaxl64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000184608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000174944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000165792 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000149280 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000148896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000142624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2024-11-29 12:16 - 2024-09-04 08:44 - 000075176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 105410432 _____ C:\WINDOWS\system32\amd_comgr.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 088606496 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 004374408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 004179848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 002245408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 001355520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 001074664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000944008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000801672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000771488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000678816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000570248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000545568 _____ C:\WINDOWS\system32\dgtrayicon.exe
2024-11-29 12:16 - 2024-09-04 08:43 - 000471456 _____ C:\WINDOWS\system32\amdlogum.exe
2024-11-29 12:16 - 2024-09-04 08:43 - 000434056 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000232672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000187968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000139168 _____ C:\WINDOWS\system32\amdxc64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000118560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000115104 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000103304 _____ C:\WINDOWS\system32\clinfo.exe
2024-11-29 12:16 - 2024-09-04 08:43 - 000051616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2024-11-29 12:16 - 2024-09-04 08:43 - 000048520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 019434400 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 001736464 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 001412064 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000572312 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000177984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000177056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000167552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000167528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000157536 _____ C:\WINDOWS\system32\atidxx64.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000152504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000145800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000138624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000138616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-11-29 12:16 - 2024-09-04 08:42 - 000131136 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2024-11-29 12:16 - 2024-09-04 07:56 - 109624080 _____ C:\WINDOWS\system32\amdxc64.so
2024-11-29 12:16 - 2024-08-19 23:13 - 002976160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2024-11-29 12:16 - 2023-05-24 12:42 - 000061888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2024-11-29 12:14 - 2024-12-13 19:46 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD_Common
2024-11-29 12:14 - 2024-11-29 12:14 - 000000000 ____D C:\AMD
2024-11-29 12:12 - 2024-11-30 15:05 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\system32
2024-11-29 12:09 - 2024-12-05 16:41 - 000000000 ____D C:\Program Files\WinRAR
2024-11-29 12:09 - 2024-11-29 12:09 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\WinRAR
2024-11-29 12:02 - 2024-11-29 12:02 - 000000000 ____D C:\Users\Rudolf\AppData\Local\PeerDistRepub
2024-11-29 11:42 - 2024-12-14 03:51 - 001692388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-29 11:42 - 2024-12-10 19:27 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\MMC
2024-11-29 11:42 - 2024-11-29 11:42 - 000000000 ____D C:\Users\Rudolf\AppData\LocalLow\AMD
2024-11-29 11:41 - 2024-12-14 03:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-11-29 11:41 - 2024-12-05 01:30 - 000000000 ____D C:\Users\Rudolf\AppData\Local\AMD
2024-11-29 11:41 - 2024-11-29 12:24 - 000000000 ____D C:\Program Files\AMD
2024-11-29 11:41 - 2024-11-29 11:41 - 000000000 ____D C:\WINDOWS\system32\AMD
2024-11-29 11:39 - 2024-11-30 05:21 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1083086168-213267606-627677339-1000
2024-11-29 11:39 - 2024-11-30 05:21 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1083086168-213267606-627677339-1000
2024-11-29 11:39 - 2024-11-30 05:21 - 000002386 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-29 11:39 - 2024-11-30 05:21 - 000000000 ___RD C:\Users\Rudolf\OneDrive
2024-11-29 11:39 - 2024-11-29 17:56 - 000000000 ____D C:\Users\Rudolf\AppData\Local\PlaceholderTileLogoFolder
2024-11-29 11:39 - 2024-11-29 11:39 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Publishers
2024-11-29 11:39 - 2024-11-29 11:39 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Comms
2024-11-29 11:39 - 2024-11-29 11:39 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-11-29 11:38 - 2024-12-13 19:46 - 000000000 ____D C:\Users\Rudolf\AppData\Local\D3DSCache
2024-11-29 11:38 - 2024-12-10 19:41 - 000000000 ____D C:\Users\Rudolf\AppData\Local\Packages
2024-11-29 11:38 - 2024-12-10 04:17 - 000000000 ____D C:\Users\Rudolf
2024-11-29 11:38 - 2024-11-30 11:33 - 000000000 ___SD C:\Users\Rudolf\AppData\Roaming\Microsoft\Credentials
2024-11-29 11:38 - 2024-11-30 02:59 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Adobe
2024-11-29 11:38 - 2024-11-29 15:03 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows
2024-11-29 11:38 - 2024-11-29 12:24 - 000000000 ___SD C:\Users\Rudolf\AppData\Roaming\Microsoft\Protect
2024-11-29 11:38 - 2024-11-29 12:24 - 000000000 ____D C:\Users\Rudolf\AppData\Local\ConnectedDevicesPlatform
2024-11-29 11:38 - 2024-11-29 11:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-11-29 11:38 - 2024-11-29 11:54 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Spelling
2024-11-29 11:38 - 2024-11-29 11:38 - 000000020 ___SH C:\Users\Rudolf\ntuser.ini
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Šablony
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Soubory cookie
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Poslední
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Okolní tiskárny
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Okolní síť
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Nabídka Start
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Dokumenty
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Documents\Obrázky
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Documents\Hudba
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Documents\Filmy
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\Data aplikací
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 _SHDL C:\Users\Rudolf\AppData\Local\Data aplikací
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 ___SD C:\Users\Rudolf\AppData\Roaming\Microsoft\SystemCertificates
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 ___SD C:\Users\Rudolf\AppData\Roaming\Microsoft\Crypto
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Vault
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Network
2024-11-29 11:38 - 2024-11-29 11:38 - 000000000 ____D C:\Users\Rudolf\AppData\Local\VirtualStore
2024-11-29 11:36 - 2024-12-10 19:41 - 000000000 ____D C:\ProgramData\Packages
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Šablony
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Poslední
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Okolní síť
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Dokumenty
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\Data aplikací
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Šablony
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Plocha
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Dokumenty
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\ProgramData\Data aplikací
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 _SHDL C:\Documents and Settings
2024-11-29 11:36 - 2024-11-29 11:36 - 000000000 ____D C:\WINDOWS\CSC
2024-11-29 11:34 - 2024-12-14 03:45 - 000007738 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2024-11-29 11:33 - 2024-12-14 03:45 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-29 11:33 - 2024-12-14 03:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-29 11:33 - 2024-12-13 17:40 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-29 11:33 - 2024-12-13 00:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-29 11:33 - 2024-12-11 01:11 - 000305816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-29 11:33 - 2024-11-29 13:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-11-29 11:33 - 2024-11-29 11:36 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{667B5F33-CB74-42E4-9D9C-9AB3DE262F6E}
2024-11-29 11:33 - 2024-11-29 11:36 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{D89B0B3F-2875-4351-8D39-0D34B6CD0B1C}
2024-11-29 11:33 - 2024-11-29 11:33 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-11-29 11:33 - 2024-11-29 11:33 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-11-29 11:33 - 2024-11-29 11:33 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-11-29 11:32 - 2024-11-29 14:11 - 000000000 ___DC C:\WINDOWS\Panther
2024-11-29 11:32 - 2024-11-29 11:32 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-14 03:55 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-14 03:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-14 03:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-14 03:54 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-14 03:51 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2024-12-14 03:44 - 2024-04-01 08:21 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-12-11 01:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-11 01:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2024-12-11 01:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-12-11 01:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-11 01:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-12-05 20:05 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-05 12:47 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-11-29 14:14 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-11-29 13:58 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2024-11-29 13:57 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat
2024-11-29 13:48 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2024-11-29 13:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\spool
2024-11-29 13:15 - 2024-04-01 17:31 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-11-29 13:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-11-29 13:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-29 13:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-11-29 13:15 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemApps
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\IME
2024-11-29 13:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-11-29 13:15 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2024-11-29 12:42 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-11-29 12:42 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-11-29 12:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-11-29 12:20 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-11-29 12:17 - 2024-09-06 04:59 - 001175072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2024-11-29 12:17 - 2024-09-06 04:59 - 000780720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2024-11-29 12:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-11-29 12:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-11-29 11:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-11-29 11:36 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-11-29 11:36 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2024-11-29 11:36 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Windows NT
2024-11-29 11:32 - 2024-04-01 08:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
==================== Files in the root of some directories ========
2024-12-09 10:16 - 2024-12-09 10:16 - 000000017 _____ () C:\Users\Rudolf\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Rudolf (14-12-2024 04:10:08)
Running from C:\Users\Rudolf\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.2605 (X64) (2024-11-29 10:36:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1083086168-213267606-627677339-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1083086168-213267606-627677339-503 - Limited - Disabled)
Guest (S-1-5-21-1083086168-213267606-627677339-501 - Limited - Disabled)
Rudolf (S-1-5-21-1083086168-213267606-627677339-1000 - Administrator - Enabled) => C:\Users\Rudolf
WDAGUtilityAccount (S-1-5-21-1083086168-213267606-627677339-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIDA64 Extreme v7.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.00 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.31 - Piriform)
DxO PureRAW 3 (HKLM\...\{2FEAD6AE-13AD-495B-BC50-C4A75475386E}) (Version: 3.9.0 - DxO)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.140 - Google LLC)
HDD Regenerator (HKLM-x32\...\{8B070D64-6C50-42B0-BCEB-485868C9945E}) (Version: 20.24.0000 - Abstradrome)
Helicon Focus 8.1.0.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2024.11.18.12 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.9.649333 - Logitech)
Mafia: Definitive Edition (HKLM-x32\...\1993581340_is1) (Version: 1.0.3 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.99 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
MKVToolNix 88.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 88.0.0 - Moritz Bunkus)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.4.13.231129 - XPPen Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Skylum Luminar Neo (HKLM\...\{32BF618C-C29A-485C-956B-A3C5691C9CB2}_is1) (Version: 1.22.14095 - CyberMania)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Topaz Photo AI (HKLM\...\{89B77DBC-CCC2-4738-845E-1B8034BB7E85}) (Version: 3.3.2 - Topaz Labs LLC)
Wargaming.net Game Center (HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Wargaming.net Game Center) (Version: 24.7.1.7647 - Wargaming.net)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\198735504) (Version: - Wargaming.net)
Zoner Photo Studio X 19.2409.2.584 (HKLM-x32\...\Zoner Photo Studio X_is1) (Version: 19.2409.2.584 - LR)
Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-11-29] (Advanced Micro Devices Inc.)
WinRAR -> C:\Program Files\WinRAR [2024-12-05] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1083086168-213267606-627677339-1000_Classes\CLSID\{DF1F7848-595D-4570-8E7C-35F77861C552}\InprocServer32 -> C:\Program Files (x86)\Zoner Photo Studio X\Program64\ZpsThumbnailHandler.dll (ZONER a.s. -> )
CustomCLSID: HKU\S-1-5-21-1083086168-213267606-627677339-1000_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe (Skylum Software USA, Inc. -> Skylum)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-11-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll [2024-11-30] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-11-29 22:57 - 2023-09-27 18:19 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2024-11-29 22:57 - 2023-07-28 15:48 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2024-11-29 22:58 - 2023-09-27 18:19 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2024-11-29 22:57 - 2023-09-27 18:19 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:4FB9487F [184]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-11-29 19:35 - 2024-11-30 12:21 - 000000952 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 topazlabs.com
127.0.0.1 et.topazlabs.com
127.0.0.1 104.22.33.115
127.0.0.1 172.67.37.186
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1083086168-213267606-627677339-1000\Control Panel\Desktop\\Wallpaper -> E:\Fotky\2024\8\lebkaAI2.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Killer E2200 Gigabit Ethernet Controller -> e2xw10x64.sys
Síťové připojení Bluetooth 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "HDD Regenerator"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\StartupFolder: => "EvidenceObject.vbs"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\Run: => "AMDNoiseSuppression"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5F787EB8F6C2739B29BBA49ECA2958CD"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7A3E43E2-08FB-4F1B-A037-E9651D0B9A85}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D454B172-BF32-445A-99AA-E6D5FBAE7E6F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90EF0CD9-0E31-4699-910E-241E86F6FDBC}] => (Block) C:\Program Files\CCleaner\CCleaner.exe (Gen Digital Inc. -> Piriform Software Ltd)
FirewallRules: [{22E5B462-3E15-46D1-A523-3CD2312E72A6}] => (Block) C:\Program Files\CCleaner\CCleaner64.exe (Gen Digital Inc. -> Piriform Software Ltd)
FirewallRules: [{271DA6F9-3C2A-4CC3-9DEA-30470346D569}] => (Block) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{857F3D4D-84B2-4588-85ED-58464AA93ECF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4C59E07B-D41F-4B79-8A67-38A7E6C744F4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1141C98B-9CBD-476B-B3C1-F6A36E00043B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DF4A5048-143F-4438-B528-B38D86FC1ED6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{6982CE2E-6EAE-4FE1-BA4B-85360B7CF564}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8F847BC7-3001-4752-A64C-42443EF7EBB8}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7AB6F297-06B9-4E5D-A52D-3306D1B5EF60}D:\games\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\games\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B8710F75-A832-47F0-A8DD-D52EE0062711}D:\games\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\games\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{D041BF35-EBAB-4432-AEE7-158CC3ACE169}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{A7487B5D-AA60-4E75-B2F9-F586EAA71477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{CA5C923A-0C9C-4F5E-9200-404464E91646}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{CC49F036-A9E4-4A91-B1A8-8E7CED5421D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [TCP Query User{709329E2-4A37-4656-ACDF-97B8C47E762A}D:\games\wotanksu\win64\worldoftanks.exe] => (Allow) D:\games\wotanksu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F0D85200-CFAB-4922-B4F2-289413C68532}D:\games\wotanksu\win64\worldoftanks.exe] => (Allow) D:\games\wotanksu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{91A48450-A94E-4397-A788-0499DB22F5FE}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{61AC04C3-CA3E-47CA-B3C8-CC0C2111B281}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{C2275F0B-5ADC-4955-950C-35A96E557C78}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35AD9C53-4EE3-42E2-AF2E-B4934D8C0F99}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
06-12-2024 05:24:26 6.12.
10-12-2024 01:51:02 Windows Update
10-12-2024 01:51:05 Windows Update
10-12-2024 13:15:59 Installed HDD Regenerator.
10-12-2024 23:57:59 Instalační služba modulů systému Windows
14-12-2024 03:54:49 Windows Update
14-12-2024 03:54:49 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2024 07:33:04 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: CCleanerPerformanceOptimizerService.exe, verze: 6.30.0.11385, časové razítko: 0x672b8af8
Název chybujícího modulu: CCleanerPerformanceOptimizerService.exe, verze: 6.30.0.11385, časové razítko: 0x672b8af8
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b561
ID chybujícího procesu: 0x1078
Čas spuštění chybující aplikace: 0x1db4d8d715876e0
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
ID sestavy: feacd812-4a8a-401d-9ed3-edf70d272af2
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (12/10/2024 01:17:57 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.1 programu SecHealthUI.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (12/10/2024 04:07:29 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.2454 programu explorer.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (12/10/2024 04:04:52 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.2454 programu explorer.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (12/09/2024 06:39:32 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.26100.1150 programu dllhost.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (12/09/2024 08:49:12 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 8.6.2.4 programu Webshare klient.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (12/09/2024 03:11:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (12/06/2024 10:22:31 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: CCleanerPerformanceOptimizerService.exe, verze: 6.28.0.11297, časové razítko: 0x66ead2d2
Název chybujícího modulu: CCleanerPerformanceOptimizerService.exe, verze: 6.28.0.11297, časové razítko: 0x66ead2d2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b561
ID chybujícího procesu: 0x1080
Čas spuštění chybující aplikace: 0x1db47c05fd79fd2
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
ID sestavy: 71e87e76-98ae-4ab5-a630-90c9d059cdbc
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
System errors:
=============
Error: (12/14/2024 03:47:18 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (12/14/2024 03:44:39 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.
Error: (12/14/2024 03:40:51 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (12/14/2024 03:38:08 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.
Error: (12/13/2024 07:51:22 PM) (Source: DCOM) (EventID: 10010) (User: RUDOLF)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/13/2024 07:35:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (12/13/2024 07:33:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCleaner Performance Optimizer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/13/2024 07:11:34 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Windows Defender:
================
Date: 2024-12-13 19:38:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Ostatní\Software\TopazPhotoAI3.3.2x64.7z
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: RUDOLF\Rudolf
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.421.779.0, AS: 1.421.779.0, NIS: 1.421.779.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11
Date: 2024-12-13 17:52:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EED070D-C31A-4D4F-ABD8-D4A15D8FBCC4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-11 14:41:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3AE15909-62C3-4827-AA0B-EBD881D8927B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-11 08:14:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Puwaders.C!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_F:\Ostatní\Software\TopazPhotoAI3.3.2x64.7z
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: RUDOLF\Rudolf
Název procesu: C:\Users\Rudolf\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Verze bezpečnostních informací: AV: 1.421.725.0, AS: 1.421.725.0, NIS: 1.421.725.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11
Date: 2024-12-11 06:57:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/crack
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_F:\$RECYCLE.BIN\S-1-5-21-87297680-2717088268-3221549041-1001\$RMH12BA.rar; file:_F:\$RECYCLE.BIN\S-1-5-21-87297680-2717088268-3221549041-1001\$RMH12BA.rar->Adobe.Photoshop.2024.v25.7.0.504.exe->(RarSfx)->Photoshop2024\install\Helper.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: RUDOLF\Rudolf
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.421.725.0, AS: 1.421.725.0, NIS: 1.421.725.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11
Event[0]
Date: 2024-12-11 01:21:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.725.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2024-12-05 20:30:48
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\WmFilter.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x2. Status 0xC0000220.
Date: 2024-12-05 20:17:26
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\WmBEnum.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x2. Status 0xC0000220.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V2.13 03/07/2014
Motherboard: MSI Z77A-G43 (MS-7758)
Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 23%
Total physical RAM: 24526.93 MB
Available physical RAM: 18756.61 MB
Total Virtual: 26062.93 MB
Available Virtual: 18378.7 MB
==================== Drives ================================
Drive c: (WIN) (Fixed) (Total:446.39 GB) (Free:166.53 GB) (Model: Patriot Burst) NTFS
Drive d: (SSD) (Fixed) (Total:447.11 GB) (Free:15.21 GB) (Model: Patriot Burst) NTFS
Drive e: (HDD) (Fixed) (Total:763.82 GB) (Free:312.55 GB) (Model: Hitachi HTS543232L9A300) NTFS
\\?\Volume{787ac8e9-015b-488f-bb01-8d9404a9f4f9}\ () (Fixed) (Total:0.63 GB) (Free:0.11 GB) NTFS
\\?\Volume{2a78a1e9-e179-42de-83a3-cd22a833399c}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 4 (Protective MBR) (Size: 298.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kotrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kotrolu logu
Ahoj,
pouzi fixlist:
Start
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [Zoner Photo Studio Autoupdate] => [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\MountPoints2: {1ccff8e9-ae62-11ef-a535-001fcf506634} - "F:\HonorSuiteOnlineInstaller.exe"
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
EmptyTemp:
End
pouzi fixlist:
Start
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [Zoner Photo Studio Autoupdate] => [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\MountPoints2: {1ccff8e9-ae62-11ef-a535-001fcf506634} - "F:\HonorSuiteOnlineInstaller.exe"
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
EmptyTemp:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kotrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Rudolf (14-12-2024 11:05:26) Run:1
Running from C:\Users\Rudolf\Desktop
Loaded Profiles: Rudolf
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [Zoner Photo Studio Autoupdate] => [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\MountPoints2: {1ccff8e9-ae62-11ef-a535-001fcf506634} - "F:\HonorSuiteOnlineInstaller.exe"
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
EmptyTemp:
End
*****************
HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully
semav6msr64 => service removed successfully
"HKU\S-1-5-21-1083086168-213267606-627677339-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate" => removed successfully
HKU\S-1-5-21-1083086168-213267606-627677339-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ccff8e9-ae62-11ef-a535-001fcf506634} => removed successfully
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed] => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9514245 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 266654327 B
Windows/system/drivers => 1189157 B
Edge => 0 B
Chrome => 1161597107 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 36708859 B
systemprofile32 => 36708859 B
LocalService => 36708859 B
NetworkService => 36708859 B
Rudolf => 75975926 B
RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:05:45 ====
Ran by Rudolf (14-12-2024 11:05:26) Run:1
Running from C:\Users\Rudolf\Desktop
Loaded Profiles: Rudolf
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\Run: [Zoner Photo Studio Autoupdate] => [X]
HKU\S-1-5-21-1083086168-213267606-627677339-1000\...\MountPoints2: {1ccff8e9-ae62-11ef-a535-001fcf506634} - "F:\HonorSuiteOnlineInstaller.exe"
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed]
EmptyTemp:
End
*****************
HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully
semav6msr64 => service removed successfully
"HKU\S-1-5-21-1083086168-213267606-627677339-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate" => removed successfully
HKU\S-1-5-21-1083086168-213267606-627677339-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ccff8e9-ae62-11ef-a535-001fcf506634} => removed successfully
System32\Tasks\WindowsUpdateService => C:\Windows\Download\Rdis.vbs [154 2024-01-07] () [File not signed] => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9514245 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 266654327 B
Windows/system/drivers => 1189157 B
Edge => 0 B
Chrome => 1161597107 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 36708859 B
systemprofile32 => 36708859 B
LocalService => 36708859 B
NetworkService => 36708859 B
Rudolf => 75975926 B
RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:05:45 ====
Re: Prosím o kotrolu logu
=> C:\Windows\Download\Rdis.vbs ak existuje, otestuj na www.virustotal.com
ak nie, je to len zbytocny zapis
ak nie, je to len zbytocny zapis
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kotrolu logu
No security vendors flagged this file as malicious
Re: Prosím o kotrolu logu
Takze by to malo byt OK 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kotrolu logu
Díky moc, jste skvělí.
Re: Prosím o kotrolu logu
Za malo - pekny den
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?