Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2021
Ran by Tommy (01-08-2021 08:00:37)
Running from C:\Users\Tommy\Desktop
Windows 10 Home Version 21H1 19043.1151 (X64) (2021-07-26 01:47:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1033715435-2987295261-2775021943-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1033715435-2987295261-2775021943-503 - Limited - Disabled)
Guest (S-1-5-21-1033715435-2987295261-2775021943-501 - Limited - Disabled)
Tommy (S-1-5-21-1033715435-2987295261-2775021943-1001 - Administrator - Enabled) => C:\Users\Tommy
WDAGUtilityAccount (S-1-5-21-1033715435-2987295261-2775021943-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Discord (HKU\S-1-5-21-1033715435-2987295261-2775021943-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
FiveM (HKU\S-1-5-21-1033715435-2987295261-2775021943-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1033715435-2987295261-2775021943-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1033715435-2987295261-2775021943-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.58.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.2 (x64 cs)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla)
NVIDIA Ovladače grafiky 466.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.81 - NVIDIA Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-07-25] (Advanced Micro Devices Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-28] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-25] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-07-26] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1033715435-2987295261-2775021943-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Tommy\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-04-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_05446f0fad2a10a4\nvshext.dll [2021-07-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-07-25 22:08 - 2021-07-25 22:08 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-07-25 22:08 - 2021-07-25 22:08 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1033715435-2987295261-2775021943-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{15094847-C29B-4FB9-9B21-17E6726D4CF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1528639-5E5F-4C3C-B632-B12001B86652}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{151A441D-0C59-4558-AA83-520EBDBF25DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{55EB2B13-C6B8-4419-9A2E-3CD32CC662DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8C42DEF6-C16E-4A4D-8305-D57C0E9F4A72}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4CDB056E-7875-4774-8592-6F08C5315DC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C355A052-BEF3-4D73-AE93-38D237156CF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{86D740B2-8F5F-41EA-96E3-F5EE16F0C9C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{02F64448-1975-4765-BA84-45111A465744}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{2406F60F-F39B-46E9-9D73-EFD44E96CFF4}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{584F5ABC-B40E-4634-9319-8CB52CF6F8CA}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{F7D43982-7D75-4B49-B4CD-9E7044DCAB25}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{E83EBFC0-F825-4860-8D21-C6CF205EF6FD}C:\users\tommy\appdata\local\fivem\fivem.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{A3857AD8-B292-42CB-926C-AF682F7A5825}C:\users\tommy\appdata\local\fivem\fivem.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{C79620BC-8B9E-4A41-AD15-84C6D3CAEB85}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_fxdk_b2189_gameruntime.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_fxdk_b2189_gameruntime.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{C18D61DA-6F9C-432D-B239-8B6DB69A3251}C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_fxdk_b2189_gameruntime.exe] => (Allow) C:\users\tommy\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_fxdk_b2189_gameruntime.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{03B7AA85-0A39-4A86-A358-EA5CBF90D19E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7704CFED-8199-4A93-9A85-064941CB8D54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{185178F3-4A74-4033-8D4A-96A9FEE57CD2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A160ACD1-8194-40B4-8E9E-CBD10648D864}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

29-07-2021 20:31:09 Naplánovaný kontrolní bod
01-08-2021 07:34:37 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/01/2021 07:58:38 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:58:31 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:58:03 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:57:39 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:57:32 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:57:25 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:57:18 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/01/2021 07:57:11 AM) (Source: Client.exe) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/01/2021 07:30:38 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru: 
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (07/25/2021 10:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/25/2021 10:18:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (07/26/2021 03:49:00 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Rozšíření a oznámení tiskárny je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/26/2021 03:45:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba netprofm byla ukončena s následující chybou: 
Zařízení není připraveno.


Windows Defender:
================
Date: 2021-07-31 21:09:04
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/SpyNoon.RTU!MTB&threatid=2147777853&enterprise=0
Název: Trojan:MSIL/SpyNoon.RTU!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Winruntimedhcp\WinruntimedhcpNetcommon.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AIAQR78\Tommy
Název procesu: C:\Windows\SysWOW64\cmd.exe
Verze bezpečnostních informací: AV: 1.343.1999.0, AS: 1.343.1999.0, NIS: 1.343.1999.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-31 21:09:00
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/SpyNoon.RTU!MTB&threatid=2147777853&enterprise=0
Název: Trojan:MSIL/SpyNoon.RTU!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Winruntimedhcp\WinruntimedhcpNetcommon.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AIAQR78\Tommy
Název procesu: C:\Windows\SysWOW64\cmd.exe
Verze bezpečnostních informací: AV: 1.343.1999.0, AS: 1.343.1999.0, NIS: 1.343.1999.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-31 21:08:56
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/SpyNoon.RTU!MTB&threatid=2147777853&enterprise=0
Název: Trojan:MSIL/SpyNoon.RTU!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Winruntimedhcp\WinruntimedhcpNetcommon.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: 
Název procesu: C:\Windows\SysWOW64\cmd.exe
Verze bezpečnostních informací: AV: 1.343.1999.0, AS: 1.343.1999.0, NIS: 1.343.1999.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-31 21:08:52
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/SpyNoon.RTU!MTB&threatid=2147777853&enterprise=0
Název: Trojan:MSIL/SpyNoon.RTU!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Winruntimedhcp\WinruntimedhcpNetcommon.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: 
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.343.1999.0, AS: 1.343.1999.0, NIS: 1.343.1999.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-07-31 21:00:23
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/SpyNoon.RTU!MTB&threatid=2147777853&enterprise=0
Název: Trojan:MSIL/SpyNoon.RTU!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Winruntimedhcp\WinruntimedhcpNetcommon.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: 
Název procesu: C:\Windows\SysWOW64\cmd.exe
Verze bezpečnostních informací: AV: 1.343.1999.0, AS: 1.343.1999.0, NIS: 1.343.1999.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
﻿
==================== Memory info =========================== 

BIOS: LENOVO GKCN36WW 04/21/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 5600H with Radeon Graphics 
Percentage of memory in use: 92%
Total physical RAM: 14204.31 MB
Available physical RAM: 1106.64 MB
Total Virtual: 33257.44 MB
Available Virtual: 3912.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.33 GB) (Free:248.69 GB) NTFS

\\?\Volume{c90557e2-65a1-4ae5-a628-7618fc0a5d86}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{1951b6f8-1c42-4965-b9c4-ea5859bf3408}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================