Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2023
Ran by yddur (administrator) on DESKTOP-J7SSGF1 (Micro-Star International Co., Ltd. MS-7C67) (20-03-2023 18:31:26)
Running from D:\stahované soubory Šimon
Loaded Profiles: hvojn & yddur
Platform: Microsoft Windows 10 Home Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(explorer.exe ->) (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\hvojn\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_9.74.15001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.GamingServices_9.74.15001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2664_none_7dfa24947c9c0a36\TiWorker.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) 0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [747320 2023-03-20] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630536 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4361576 2023-03-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [Discord] => C:\Users\hvojn\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2022-01-12] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2022-10-01] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7442264 2022-10-05] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32823248 2023-03-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [Medal] => C:\Users\hvojn\AppData\Local\Medal\update.exe [1901144 2022-04-24] (Ferox Games B.V. -> )
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [MicrosoftEdgeAutoLaunch_C98D14036235441FE42921FFF069C3E9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hvojn\AppData\Local\Microsoft\Teams\Update.exe [2587432 2023-03-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630536 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1004\...\Run: [MicrosoftEdgeAutoLaunch_4790AA239DB75B58FC42BADD3F5B98C3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1059078134-1858205780-1447121356-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\yddur\AppData\Local\Microsoft\Teams\Update.exe [2585832 2023-02-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013B87D7-D041-484B-B81F-63AEDA52DB12} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {09316063-8592-443A-9492-3D5B34752F86} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144232 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B9D1AE0-C66A-4365-B370-49B64F4DF067} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {0D7C5E94-AF29-4615-BA2B-5184250BF181} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0FAC9A3D-6732-43D4-A841-DFDB3BBB6217} - System32\Tasks\Opera scheduled Autoupdate 1668340568 => C:\Users\yddur\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
Task: {1A9E351A-BB05-4A70-91FF-59957445958F} - System32\Tasks\CCleanerSkipUAC - yddur => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1E1CEFEB-0B69-403F-BAB1-0B99CEEB67A0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D7245A6-99D0-460C-BF33-42A2C54E6820} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2022-02-16] () [File not signed]
Task: {38D943C2-DB1A-4939-86EF-82903C3F781D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1147440 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3FE1C689-1D35-4595-BF40-236B3DCAEE69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D801711-CD5C-49BB-B8C4-5BCDE9D99F70} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d7e96554-a763-447b-9423-fea16b287031" --version "6.08.10255" --silent
Task: {522094D6-DE3C-449D-A8E7-06109451A175} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56368 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {59590088-EC3B-45CC-B43C-4CE070E2BF23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60A3A427-96AB-42C9-89F5-3E5B18A19AF5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1059078134-1858205780-1447121356-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {675189F8-F48A-4308-B709-80B3E1EB6BCA} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {824A3A03-9661-453B-AD07-890B661A0417} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [261680 2022-04-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {83D72C0C-BCDD-46E5-B20B-74AE4FB6AC25} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144232 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A082987-5A93-4AFD-8F32-3B0C875D9D65} - System32\Tasks\Opera scheduled Autoupdate 1643828851 => C:\Users\hvojn\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {AFFFEB2A-684B-4C72-9B5E-0728C02346C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9E53760-FD84-4DA0-A57B-BDACA25400E1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1059078134-1858205780-1447121356-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C62BE68D-28D5-456F-86F2-EB9B83B065F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD903D08-0A60-4AF7-9515-772E18C984C5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205448 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE121844-929A-44FD-A594-FCF63DEC4FFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E5CAFBEB-9DE3-4E11-BD9F-A320640051E9} - System32\Tasks\Opera scheduled assistant Autoupdate 1643828858 => C:\Users\hvojn\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\hvojn\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EA217695-E180-48A4-BAC1-3102CE2378FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Intel PTT EK Recertification.job => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{14257b2d-75a2-4e9e-87f6-ae09ebceea8d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1d39ba97-b4fe-4232-aa96-b7507cb38eed}: [DhcpNameServer] 192.168.50.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\yddur\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-16]
Edge StartupUrls: Default -> "hxxps://www.google.com/"
Edge Extension: (Amazon Assistant) - C:\Users\yddur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2023-02-10]
Edge Extension: (FormApps Extension) - C:\Users\yddur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2023-02-10]
Edge Extension: (Edge relevant text changes) - C:\Users\yddur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-16]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default [2023-02-10]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-03-31]
CHR Extension: (Dokumenty) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-03-31]
CHR Extension: (Disk Google) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-31]
CHR Extension: (YouTube) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-03-31]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2022-03-31]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2022-03-31]
CHR Extension: (Tabulky) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-03-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-31]
CHR Extension: (FormApps Extension) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-03-31]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2022-03-31]
CHR Extension: (Google Play) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2022-03-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-31]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2022-03-31]
CHR Extension: (Gmail) - C:\Users\yddur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-31]

Opera: 
=======
OPR Profile: C:\Users\yddur\AppData\Roaming\Opera Software\Opera Stable [2023-02-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1189784 2021-12-13] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncHelper.exe [3412400 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-12] (Logitech Inc -> Logitech, Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.043.0226.0001\OneDriveUpdaterService.exe [3795336 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2667864 2023-02-17] (Rockstar Games, Inc. -> Rockstar Games)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8631496 2022-01-14] (PUBG CORPORATION -> PUBG Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2022-01-06] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2021-10-06] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [154112 2021-10-06] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2022-01-05] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2022-01-05] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2022-01-05] (Logitech Inc -> Logitech)
R3 MpKsl18acee3c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{47595D6B-677D-4A3E-A6B0-5A3623E4436D}\MpKslDrv.sys [211208 2023-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-26] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2023-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473336 2023-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99576 2023-03-20] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2522256 2022-01-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 AIDA64Driver; \??\C:\Users\Administrator\Desktop\aida64extreme\kerneld.x64 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 18:30 - 2023-03-20 18:31 - 000000000 ____D C:\FRST
2023-03-20 18:25 - 2023-03-20 18:32 - 000000000 ____D C:\Program Files\trend micro
2023-03-20 18:25 - 2023-03-20 18:25 - 000000000 ____D C:\rsit
2023-03-19 16:43 - 2023-03-19 16:43 - 000738263 _____ C:\Users\hvojn\OneDrive\Dokumenty\Prezentace 20.pptx
2023-03-17 08:17 - 2023-03-17 08:17 - 000000000 ___HD C:\$WinREAgent
2023-03-02 18:20 - 2023-03-02 18:20 - 000000000 ____D C:\Users\yddur\AppData\Roaming\EasyAntiCheat
2023-03-02 17:45 - 2023-03-10 13:21 - 000000000 ____D C:\Users\hvojn\AppData\Local\FiveM
2023-03-02 17:45 - 2023-03-02 17:45 - 000002136 _____ C:\Users\hvojn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2023-03-02 17:45 - 2023-03-02 17:45 - 000002128 _____ C:\Users\hvojn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk
2023-03-02 17:09 - 2023-03-02 17:09 - 003407040 _____ C:\Users\hvojn\OneDrive\Dokumenty\Prezentace 17.pptx
2023-02-26 18:28 - 2023-02-26 18:28 - 086298567 _____ C:\Users\hvojn\OneDrive\Dokumenty\zemepis auta hotovo.pptx
2023-02-25 09:28 - 2023-02-25 09:28 - 000000000 ____D C:\Users\hvojn\AppData\Local\DeathlyStillnessGame

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-20 18:25 - 2021-12-13 20:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-20 18:20 - 2022-02-03 18:06 - 000000000 ____D C:\Users\hvojn\AppData\Local\CrashDumps
2023-03-20 18:20 - 2022-01-05 19:10 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-20 18:19 - 2021-12-13 20:35 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-20 18:19 - 2019-12-07 15:41 - 000716764 _____ C:\Windows\system32\perfh005.dat
2023-03-20 18:19 - 2019-12-07 15:41 - 000144942 _____ C:\Windows\system32\perfc005.dat
2023-03-20 18:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-20 18:17 - 2022-01-15 20:19 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-03-20 18:16 - 2022-11-13 12:55 - 000000000 ____D C:\Program Files\CCleaner
2023-03-20 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-20 18:14 - 2023-02-10 16:43 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-03-20 18:14 - 2023-02-10 10:04 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-03-20 18:14 - 2022-02-02 20:06 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-20 18:14 - 2021-12-13 20:30 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-20 18:14 - 2021-12-13 20:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-20 18:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-20 18:13 - 2022-01-03 14:09 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-03-20 18:13 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-03-20 18:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-20 18:03 - 2023-02-10 10:22 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-03-20 18:03 - 2023-02-10 10:22 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-20 18:03 - 2022-03-26 07:51 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1059078134-1858205780-1447121356-1004
2023-03-20 18:03 - 2022-01-05 18:48 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1059078134-1858205780-1447121356-1003
2023-03-19 16:45 - 2022-01-05 19:10 - 000000000 ____D C:\Users\hvojn\AppData\Roaming\discord
2023-03-19 16:43 - 2023-02-10 10:04 - 000003048 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-03-19 16:43 - 2022-11-13 12:56 - 000003604 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1668340568
2023-03-19 16:43 - 2022-11-13 12:55 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-19 16:43 - 2022-11-13 12:55 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - yddur
2023-03-19 16:43 - 2021-12-13 20:30 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-19 16:43 - 2021-12-13 20:30 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-19 16:34 - 2022-01-05 19:10 - 000000000 ____D C:\Users\hvojn\AppData\Local\Discord
2023-03-19 16:06 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-19 16:04 - 2021-12-13 20:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-19 16:02 - 2022-01-05 18:46 - 000000000 ____D C:\Users\hvojn\AppData\Local\D3DSCache
2023-03-19 15:20 - 2021-12-13 20:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-19 13:49 - 2022-03-18 18:36 - 000000000 ____D C:\Users\hvojn\AppData\Roaming\CrosshairX
2023-03-19 09:25 - 2023-02-10 10:11 - 000000000 ____D C:\Program Files\Microsoft Office
2023-03-17 20:29 - 2022-05-05 16:28 - 000000000 ____D C:\Users\hvojn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-03-17 11:18 - 2021-12-13 20:30 - 000439744 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-17 11:17 - 2021-12-13 21:06 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2023-03-17 11:17 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-17 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-17 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-03-17 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-17 08:23 - 2021-12-13 20:33 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-17 08:11 - 2022-01-03 13:57 - 000000000 ____D C:\Windows\system32\MRT
2023-03-17 08:09 - 2022-01-03 13:57 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-17 08:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-10 09:08 - 2023-02-11 08:39 - 000002368 _____ C:\Users\hvojn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-03-03 12:33 - 2022-01-05 18:48 - 000000000 ____D C:\Users\hvojn\AppData\Local\PlaceholderTileLogoFolder
2023-03-03 12:33 - 2022-01-05 18:46 - 000000000 ____D C:\Users\hvojn\AppData\Local\Packages
2023-03-02 18:21 - 2022-01-05 19:15 - 000000000 ____D C:\Users\hvojn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-02-26 10:09 - 2022-10-21 07:59 - 000079328 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-02-26 10:09 - 2022-10-21 07:59 - 000062944 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-02-26 10:09 - 2022-01-08 12:36 - 002807248 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-02-26 10:09 - 2022-01-08 12:36 - 000476624 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-02-26 10:09 - 2022-01-08 12:36 - 000243152 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-02-26 10:09 - 2022-01-08 12:36 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-02-26 10:09 - 2022-01-08 12:36 - 000165344 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-02-26 10:09 - 2022-01-08 12:36 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-02-25 09:28 - 2022-01-05 22:53 - 000000000 ____D C:\Users\hvojn\AppData\Local\UnrealEngine
2023-02-25 09:28 - 2022-01-05 19:07 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-19 10:01 - 2022-01-06 22:34 - 000000000 ____D C:\Users\hvojn\AppData\Local\DigitalEntitlements
2023-02-18 17:24 - 2023-02-10 10:04 - 000000000 ____D C:\Users\yddur\AppData\Local\CrashDumps
2023-02-18 16:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================