Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by tomas (30-03-2024 11:12:15)
Running from E:\Install
Microsoft Windows 10 Pro Version 22H2 19045.4170 (X64) (2020-12-27 12:15:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1194847968-3581813826-620916984-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1194847968-3581813826-620916984-503 - Limited - Disabled)
Guest (S-1-5-21-1194847968-3581813826-620916984-501 - Limited - Disabled)
tomas (S-1-5-21-1194847968-3581813826-620916984-1001 - Administrator - Enabled) => C:\Users\tomas
WDAGUtilityAccount (S-1-5-21-1194847968-3581813826-620916984-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\uTorrent) (Version: 3.6.0.46896 - BitTorrent Inc.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.10.0.573 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_0_1) (Version: 16.0.1 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_1) (Version: 22.1.0.94 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Age of Empires III Definitive Edition (HKLM-x32\...\Age of Empires III Definitive Edition_is1) (Version: 0.0.0 - DODI-Repacks)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Basecamp 3 (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\basecamp3) (Version: 2.3.14 - Basecamp, LLC)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.133.0.5646 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{adc70025-3ba0-4770-9ea5-55be37b163fb}) (Version: 13.133.0.5646 - Electronic Arts)
EDIUS (HKLM\...\{E7CCB338-2A54-4F44-947B-958BD847A5D3}) (Version: 7.53 - Grass Valley K.K.)
EDIUS Codec Option 7.53 (HKLM-x32\...\{7E4E5B65-9B8B-4ECE-9C1F-9C96DA0BC620}) (Version: 7.53 - Grass Valley K.K.)
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{A1EB595F-651D-4A04-99B0-A7065538B33C}) (Version: 2.0.38.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Excel (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
G-Ignition (HKLM-x32\...\{FDC4D293-2167-496B-945C-CE82E90C5E81}_is1) (Version: 3.0.2.0 - EIZO Corporation)
Google Ads Editor (HKLM-x32\...\{694DEE4C-E149-11EE-83C7-E04F43E69459}) (Version: 14.6.1.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 14.0.1.0 - Google LLC.)
GV LicenseManager 2.53 (HKLM-x32\...\{EE256B6B-7F66-409B-9CF2-CE9B64947CBC}) (Version: 2.53 - Grass Valley K.K.)
HWiNFO64 Version 7.06 (HKLM\...\HWiNFO64_is1) (Version: 7.06 - Martin Malik - REALiX)
HyperSnap 8 (HKLM\...\HyperSnap 8) (Version: 8.16.17 - Hyperionics Technology LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
jamovi 2.4.11.0 (HKLM-x32\...\jamovi 2.4.11.0) (Version: 2.4.11.0 - The jamovi Project)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Mp3tag v3.04a (HKLM-x32\...\Mp3tag) (Version: 3.04a - Florian Heidenreich)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.98 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.76 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.23 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.76 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team)
Outlook (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ozone Strike Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
PowerPoint (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QIRX (HKLM\...\{EBE26675-B699-42E8-B37A-A52A78F9A053}) (Version: 2.1.10 - softsyst)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 3.34.3.01171425 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.41 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0229.022700 - Razer Inc.)
Revo Uninstaller Pro 5.2.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.2 - VS Revo Group, Ltd.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.84.1856 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.7.0 - Rockstar Games)
Samsung DeX (HKLM-x32\...\{743e3ecf-e674-4aae-973b-0e784ca38803}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung DeX (HKLM-x32\...\{E35C3F1D-91A9-4FED-A915-0F913BFD780D}) (Version: 2.0.0.15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.1.1.820 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Shutter Encoder 16.1 (64bits) (HKLM-x32\...\{AC8B2037-70E7-46C7-92B9-DC797E4F4674}_is1) (Version: 16.1 - Paul Pacifico)
Slack (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\slack) (Version: 4.37.98 - Slack Technologies Inc.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
Star Stable Online 2.29.1 (HKLM\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.29.1 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.51.6 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.41.0 - TechPowerUp)
The Saboteur (HKLM-x32\...\{53169C32-182D-4FF0-A78D-2E3E9763543A}) (Version: 1.0.0.4 - Electronic Arts)
TIDAL (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\TIDAL) (Version: 2.35.0 - TIDAL Music AS)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
UE Prerequisites (x64) (HKLM\...\{E171B21A-DA58-432D-A74B-D13B204BA477}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Word (HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-16] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-05-01] (Adobe Systems Incorporated)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-22] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-15] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-18] (Microsoft Corporation)
EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.3.0.0_x86__1sdd7yawvg6ne [2024-02-13] (File-New-Project) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-10] (HP Inc.)
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_24033.813.2773.520_x64__8wekyb3d8bbwe [2024-03-26] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-09] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Studios) [MS Ad]
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2409.8.0_x64__cv1g1gvanyjgm [2024-03-10] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{04271989-C4D2-F316-355A-001436EF4599} -> [OneDrive - Insighters s.r.o] => D:\Dokumenty\Tomas\Insighters\OneDrive\OneDrive - Insighters s.r.o [2021-11-25 18:34]
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-DEE5C2542311} -> [Creative Cloud Files] => E:\Program Files (x86)\Adobe recovery\Creative Cloud Files [2021-03-21 15:42]
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24022.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\tomas\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1194847968-3581813826-620916984-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-05-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-05-01] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-05-01] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-05-01] (Adobe Inc. -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-11-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-11-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files (x86)\MalwareBytes\mbshlext.dll [2022-06-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-11-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_618b150331c5f4ad\nvshext.dll [2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-05-01] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => E:\Program Files (x86)\MalwareBytes\mbshlext.dll [2022-06-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => E:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.CDV5] => C:\Windows\system32\cdv5codc.dll [59320 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CLLC] => C:\Windows\system32\cllccodc.dll [1411512 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CUVC] => C:\Windows\system32\cuvccodc.dll [75192 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVC] => C:\Windows\system32\cdvccodc.dll [66488 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVH] => C:\Windows\system32\cdvhcodc.dll [59320 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CMIC] => C:\Windows\system32\cmiccodc.dll [495032 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CHQX] => C:\Windows\system32\chqxcodc.dll [111544 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.C210] => C:\Windows\system32\c210codc.dll [1418168 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.CDV5] => C:\Windows\SysWOW64\cdv5codc.dll [59320 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CLLC] => C:\Windows\SysWOW64\cllccodc.dll [1828792 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CUVC] => C:\Windows\SysWOW64\cuvccodc.dll [69048 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVC] => C:\Windows\SysWOW64\cdvccodc.dll [65464 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVH] => C:\Windows\SysWOW64\cdvhcodc.dll [59320 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CMIC] => C:\Windows\SysWOW64\cmiccodc.dll [604600 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CHQX] => C:\Windows\SysWOW64\chqxcodc.dll [103864 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.C210] => C:\Windows\SysWOW64\c210codc.dll [1865656 2017-02-07] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\PDF FlipBook   Viewer   3D.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 4" --app-id=ohckmemlgcohcakakmnpjchckcajpmdi
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Tomáš - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2024-03-11 23:55 - 2024-03-11 23:55 - 000060928 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\Adobe Send\SendAsLinkAddin.CZE
2020-11-27 19:25 - 2020-11-27 19:25 - 000398336 _____ (Florian Heidenreich) [File not signed] E:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-12-27 16:58 - 2020-12-27 16:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-12-27 16:58 - 2020-12-27 16:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-12-27 16:58 - 2020-12-27 16:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-12-27 16:58 - 2020-12-27 16:58 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [2594]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer2.log:CCB2353F35 [2594]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [2594]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2021.lnk:3212A1CBBC [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk:6E6E4AA64E [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [2594]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1194847968-3581813826-620916984-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\sharepoint.com -> hxxps://allmedia4u-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-11-20 02:20 - 000001904 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\tomas\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-1194847968-3581813826-620916984-1001\Control Panel\Desktop\\Wallpaper -> D:\Dokumenty\Tomas\FOTO\MUSIC, TRAP\wallpapery\glory.jpg
DNS Servers: 8.8.8.8 - 217.31.204.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-1194847968-3581813826-620916984-1001\...\StartupApproved\Run: => "TIDAL"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5E7ED8A2-74B9-45C5-A8E6-9590DE4C88EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{477AB406-AC86-4FFC-8516-E7230B4A02F9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4B148EE-18B6-4BE2-8764-74720DC9A680}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C37BCBD0-18F1-43D2-80B0-6BAF9275A410}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14C40424-3BFC-45DC-85EE-3736E0011BA8}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{E0492AD6-7DF6-4535-AA7E-AB309B900FFA}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{6DCFC9AD-86D8-4FBC-B59F-4F745C44EA3E}] => (Block) E:\Program Files\HyperSnap 8\HprSnap8.exe (Hyperionics Technology -> Hyperionics Technology LLC)
FirewallRules: [{B3236C89-A0D5-4985-A62B-9D1F6618F0D8}] => (Block) E:\Program Files\HyperSnap 8\HprSnap8.exe (Hyperionics Technology -> Hyperionics Technology LLC)
FirewallRules: [TCP Query User{CDB82790-C91B-4C07-93FB-D95C7A1241E8}D:\program files\epic games\gtav\gta5.exe] => (Allow) D:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FF570766-2C1A-435C-A6D2-C339F5703FDA}D:\program files\epic games\gtav\gta5.exe] => (Allow) D:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AA346C1F-3B97-4942-8576-966219F38E3E}] => (Allow) E:\Program Files (x86)\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{B0C205EE-4DC6-4E70-8DAA-395FF3D19356}] => (Allow) E:\Program Files (x86)\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{B1BD6850-BE86-46FB-9BF2-92BFD114DBA3}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [UDP Query User{D6AF2753-2086-4875-AE6D-7D624BAF5DDC}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> ) [File not signed]
FirewallRules: [{248B091A-BF68-4AF3-B5A5-1FF6D725A973}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{25192D79-9ACD-4011-A1CF-6396BC07D3D4}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{3439A4B7-07D3-451D-A0E9-D5AC3721757A}C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C1A0789-F334-4CA5-B8C6-017D044C5784}C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B819FFA2-8CBB-4D00-B124-619D96AF896F}C:\program files\softsyst\qirx\qirx.exe] => (Allow) C:\program files\softsyst\qirx\qirx.exe (softsyst GmbH) [File not signed]
FirewallRules: [UDP Query User{2B552C56-17E7-4AF7-B59B-A7DF2D70E594}C:\program files\softsyst\qirx\qirx.exe] => (Allow) C:\program files\softsyst\qirx\qirx.exe (softsyst GmbH) [File not signed]
FirewallRules: [{334652E1-65A6-4F94-8CDB-F85392C3B36C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe () [File not signed]
FirewallRules: [{D6EEDE0D-DE46-403F-A4A9-8041EC6B8A4F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe () [File not signed]
FirewallRules: [{840197BB-C9D3-4768-925B-303E4AB5F7B1}] => (Block) E:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe () [File not signed]
FirewallRules: [{CAF9FDF2-D464-4FB8-981C-396AD3BD5499}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{7CF5AF64-0022-4718-AD47-B244CBBFFA33}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Empire Total War\Empire.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{FB66FFFD-5C6C-49C9-967B-53E0BA775DFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81287337-41A2-4105-8EEF-B4ABAB75E9E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0FE92A8F-48C3-455A-80D4-86267C44AC38}E:\program files (x86)\age of empires 3\age of empires iii definitive edition\aoe3de_s.exe] => (Allow) E:\program files (x86)\age of empires 3\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{9D3AFC96-E797-493C-B6B7-5746CBB866A7}E:\program files (x86)\age of empires 3\age of empires iii definitive edition\aoe3de_s.exe] => (Allow) E:\program files (x86)\age of empires 3\age of empires iii definitive edition\aoe3de_s.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{77A6BE16-CDC9-4FCB-A86A-227E0DEF3133}E:\program files (x86)\age of empires 3\age of empires iii definitive edition\battleserver.exe] => (Block) E:\program files (x86)\age of empires 3\age of empires iii definitive edition\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [UDP Query User{9FB9F041-61EF-4BE7-BAD7-49F6231F9BD5}E:\program files (x86)\age of empires 3\age of empires iii definitive edition\battleserver.exe] => (Block) E:\program files (x86)\age of empires 3\age of empires iii definitive edition\battleserver.exe (Microsoft Corporation -> )
FirewallRules: [TCP Query User{CC98FB2D-0162-4534-B259-135CCF1A1E2B}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6D3EA9D6-7F55-402C-BD09-062AE644EB4E}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{611C3180-C5E9-48B2-9354-14B9365772CD}] => (Allow) G:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{F877FB93-9EF0-443D-BEE2-89C5FE543BD9}] => (Allow) G:\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{4285C95F-C503-46FB-8192-C00E60C5A62B}G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{D2391AD1-946C-4C62-9889-E17C6427B19D}G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{97A903E3-B85D-4E8F-9D8C-8F9DC5470B4D}] => (Block) G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{57387936-3D62-4B66-9919-987F42EDC1E6}] => (Block) G:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{A41F7524-AA08-488D-A392-8490EFB2AF2A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{8DA14976-993C-483D-A037-9AE799E54927}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{A550C24C-EB6E-4E89-AE97-FB9AB7631A1A}] => (Allow) LPort=26789
FirewallRules: [{FD8A710A-9AD4-450B-A072-D196255A1490}] => (Allow) E:\Program Files (x86)\Origin Games\The Saboteur\SaboteurLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{470E82F5-1E0A-4365-9BDB-03ACEA0D938F}] => (Allow) E:\Program Files (x86)\Origin Games\The Saboteur\SaboteurLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{883B2866-74A5-477A-852C-82FF37AF2502}G:\program files\riot games\riot client\riotclientservices.exe] => (Allow) G:\program files\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{AB9383EB-B747-41D0-9159-D02CC5AF96FE}G:\program files\riot games\riot client\riotclientservices.exe] => (Allow) G:\program files\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{BBF6C47E-F0A7-48F3-BB52-1653BEFD2FAA}G:\program files\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) G:\program files\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{50A8F2D7-D747-4BDA-A581-379E0AA65945}G:\program files\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) G:\program files\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{2A083B1E-156A-4F80-AB8D-CA8F6C504597}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29CBEBA1-BB68-49D4-9625-48A6FAD6CC6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AF08DE1-DD82-4A53-BE03-87D80E9B012D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BEEF56ED-AE2A-45B1-8735-87A84FEEC07D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80155C76-C29D-41E8-B9DA-C5B34FED251E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E5EB07E-7309-4DEF-9831-E15CEBAB8FAD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BB47207-D7A9-4CDC-B2EC-0D70AECE8E50}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6907195-D3B9-4FC5-BEBB-C245AF38C775}] => (Allow) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{F0A4231B-E9A3-4321-BFDE-71A39F5BEA83}] => (Allow) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{61C2BA9C-A561-4FAC-B6C7-F55E3DDDA357}] => (Allow) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{762E8C96-50D2-4C90-9039-79C9728190C2}] => (Allow) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{4DAFAA66-69B1-4B47-8A71-DC2F842437F2}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{0F7FE912-A65E-4CC4-AC87-0FDC01E6DC3F}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8C1F52E0-678A-4576-AD01-3C164EC29F82}C:\users\tomas\appdata\local\tidal\app-2.35.0\tidal.exe] => (Allow) C:\users\tomas\appdata\local\tidal\app-2.35.0\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{82E135E2-1521-4B80-B8CB-FA7D2A7F29FE}C:\users\tomas\appdata\local\tidal\app-2.35.0\tidal.exe] => (Allow) C:\users\tomas\appdata\local\tidal\app-2.35.0\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{ADC8E15F-1386-43BA-B610-2C0ADE28C3C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5E285AE9-1740-484F-BF36-8E1799A83C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1CAB49D4-BC4E-47B2-8378-58CFB5783FFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{46AFA406-1254-411C-BBB6-779C950814B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B80A9A3-4764-495E-8B6A-54ED2E2CE898}] => (Allow) E:\Program Files (x86)\Origin Games\The Saboteur\Saboteur.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{16341D98-BCB6-4759-B142-6E858AE3147C}] => (Allow) E:\Program Files (x86)\Origin Games\The Saboteur\Saboteur.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{A7BAB2C3-575A-4AC5-9B19-55B9E3F89170}E:\program files (x86)\ea games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{F4DB659A-0416-436E-8DAC-E996AB3001A9}E:\program files (x86)\ea games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\ea games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{22390F00-754C-42E4-A3BB-0505744BA170}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{4678E7EC-6A5A-4727-9067-58EF9005C55D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{17C1D7E3-B1F1-41E3-9BC5-C3E3250451E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{95382D6A-DCE9-4A57-8F7D-5D4A496C4AA8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{B9AB95FA-68E2-4EBB-9CE7-223DD53AED40}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{A105F42B-53EF-4E30-9850-99BB16B0965A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{37ECC36E-5611-408D-BBDA-E18B50E72F3B}] => (Allow) E:\Program Files (x86)\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B44E2D58-DB91-447B-BFE8-C54CEC4C8D47}] => (Allow) E:\Program Files (x86)\EA Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B03782DA-1AF9-4EBD-91C6-FEE3F40CE66F}] => (Allow) E:\Program Files (x86)\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{61654CAE-8D2C-4732-BC23-F09D860D79B1}] => (Allow) E:\Program Files (x86)\EA Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{CF3EFCF9-85A8-49D2-8066-9903ABBF7B4D}C:\users\tomas\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\tomas\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{0AF56D8D-56B8-4713-A77E-2C74A1DF5FC1}C:\users\tomas\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\tomas\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{B8235252-D9AD-4A53-8399-051DE0E00F7B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D473E516-8389-41FD-9CF2-7B94F2543746}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{79C5F580-DE26-4AF6-8822-9B059792494F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{679ADABC-7A2E-433E-A6BA-3429B64DB6E7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{62EB2845-CD2F-49CF-9943-5469670D2E74}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{736F11B7-8C0E-42CE-BD3B-DF37A513C4AF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{78C7DB2B-F114-41D5-B058-C521EE346463}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{25E494F6-9C6A-4EAE-A919-F8E69371E9FE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{CCBF6D21-44A5-4A70-BA8F-9F6AE0A22B77}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A6C23F18-BD90-422E-870E-2A138EF1AFD6}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7AB97486-80DE-46AE-9F77-B0463302A68E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A7A697E6-16E0-49EB-8882-2A04CCC9F5BC}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4A982200-848A-4D97-A4F6-C2836372E5AE}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0C9805BF-C6F2-4A13-A1E2-28D147FD7F6C}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CFE8BB6A-FA75-4D85-A22D-80914D82B9E2}] => (Allow) E:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{44FAF06F-887F-46A1-A074-7DC8B4115B0F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.813.2773.520_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4804A40-EFF6-4358-BEA9-2033FA1DCAAA}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.813.2773.520_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{68F4299E-B388-4C1A-8BB2-063DB5016286}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E19C2B67-8870-4D1F-ACE3-E4219B14F038}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-03-2024 08:55:45 Instalační služba modulů systému Windows
17-03-2024 11:10:24 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931
25-03-2024 16:06:12 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2024 07:02:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Razer Synapse Service Process.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
   na System.Threading.SemaphoreSlim.CheckDispose()
   na System.Threading.SemaphoreSlim.Release(Int32)
   na Synapse3.UserInteractive.ForegroundWindowMonitor+<ProcessForegroundWindow>d__20.MoveNext()
   na System.Runtime.CompilerServices.AsyncMethodBuilderCore+<>c.<ThrowAsync>b__6_1(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/25/2024 06:21:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (03/25/2024 06:21:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (03/25/2024 06:21:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (03/25/2024 06:21:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (03/25/2024 04:05:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/25/2024 03:11:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/24/2024 10:25:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Razer Synapse Service Process.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ObjectDisposedException
   na System.Threading.SemaphoreSlim.CheckDispose()
   na System.Threading.SemaphoreSlim.Release(Int32)
   na Synapse3.UserInteractive.ForegroundWindowMonitor+<ProcessForegroundWindow>d__20.MoveNext()
   na System.Runtime.CompilerServices.AsyncMethodBuilderCore+<>c.<ThrowAsync>b__6_1(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (03/30/2024 11:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (03/30/2024 11:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/30/2024 11:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/30/2024 11:07:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/30/2024 11:07:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Chroma SDK Server byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/30/2024 11:07:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GamingApp_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/30/2024 11:07:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Chroma SDK Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/30/2024 11:07:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service V2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-03-30 09:19:34
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B6F41F1F-2E9E-4163-BF40-958B4A36401F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-28 10:37:01
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F961A356-A861-4D57-9E30-302C6EF3825F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-25 15:11:01
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FABDCBD4-9008-4D58-87F4-49AF8E279BBF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-23 09:45:22
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC2481F3-AA18-4AE5-9779-28630C756CDA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-21 08:56:28
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37B2FEBF-D3EC-4D53-9521-F57C2A38691F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
﻿Event[0]:

Date: 2024-03-13 19:46:08
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.407.336.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2024-01-20 09:47:22
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.403.2334.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2023-08-10 17:14:35
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.395.47.0
Předchozí verze bezpečnostních informací: 1.393.2613.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23060.1005
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

Date: 2023-08-10 17:14:35
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.395.47.0
Předchozí verze bezpečnostních informací: 1.393.2613.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23060.1005
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

Date: 2023-08-10 08:18:08
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.395.47.0
Předchozí verze bezpečnostních informací: 1.393.2613.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23060.1005
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy. 

CodeIntegrity:
===============
Date: 2023-12-03 09:06:03
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-06 08:57:14
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: Intel Corp. KLZ8711D.86A.0459.2018.1101.1412 11/01/2018
Motherboard: Intel Corporation DZ87KLT75K
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 36%
Total physical RAM: 16308.99 MB
Available physical RAM: 10360.25 MB
Total Virtual: 16828.08 MB
Available Virtual: 8715.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:0.6 GB) (Model: INTEL SSDSC2BW120A4) NTFS
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:747.66 GB) (Model: ST2000DM008-2FR102) NTFS
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:726.21 GB) (Model: WDC WD1002FAEX-00Z3A0) NTFS
Drive g: (Data) (Fixed) (Total:931.51 GB) (Free:773.92 GB) (Model: Samsung SSD 980 1TB) NTFS

\\?\Volume{98db5a16-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 98DB5A16)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D332BF7A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8AEB7E8E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8CBEFDA3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================