samovolné restartování

[rendy]

Doobrý den,

poslední dobou se mi občas stává, že se počítač samovolně z ničeho nic restartuje a to v jakémkoliv intervalu. Pravidelně ho zevnitř čistím vzduchem, takže nějakým prachovým zanesením by to podle nemělo být. Má už sice dost let, ale jinak s ním žádný problém neni. Prosím tedy o kontrolu, jestli tam neni nějaký jiný případný problém. děkuji a přikládám logy z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by radys (administrator) on DESKTOP-RVOERAG (LENOVO 10117) (10-08-2021 10:42:57)
Running from C:\Users\radys\Downloads
Loaded Profiles: radys
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365057.inf_amd64_a0f5f3f63c5dcefa\B364966\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365057.inf_amd64_a0f5f3f63c5dcefa\B364966\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-10-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A15330A-DB2B-44DB-93E8-1E5DE135D921} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68176 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {12B72277-177B-445A-B5D6-6A63EE8FF47D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3DF5398E-666B-45B9-BC4C-B415B5C53FDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EEE26B8-9E21-48D1-84D1-392FFF12B945} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4DCEF7F1-F762-4616-9E5D-7ED5F115F258} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {5FF36AF1-3DC1-4FA5-BA4F-78FFC25BD096} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709344 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {68189CE8-AB12-4E55-9891-A1A4AAE8A51A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E97CA55-A051-4349-8A38-F4B8D38D82EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {744A27B9-B8D0-4AB5-97C2-5A2D0CCE74EC} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {A485E428-4412-4E96-B25E-237CE2355CAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D527316F-D102-462D-88E8-E23E529C28C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EC5AC897-0804-4285-B833-DB2F8AC38666} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60496 2021-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EC64DBC3-E47E-4B9F-BDF5-3913F0FC2D79} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{2d857031-0804-4295-b1f5-6b4641d0beb5}: [DhcpNameServer] 192.168.88.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\radys\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-31]

FireFox:
========
FF DefaultProfile: ggjua1os.default
FF ProfilePath: C:\Users\radys\AppData\Roaming\Mozilla\Firefox\Profiles\ggjua1os.default [2020-11-07]
FF NewTab: Mozilla\Firefox\Profiles\ggjua1os.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-07 01:59:05&bName=
FF ProfilePath: C:\Users\radys\AppData\Roaming\Mozilla\Firefox\Profiles\bk877611.default-release [2021-08-10]
FF Homepage: Mozilla\Firefox\Profiles\bk877611.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\bk877611.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-07 01:59:05&bName=
FF Notifications: Mozilla\Firefox\Profiles\bk877611.default-release -> hxxps://www.yves-rocher.cz
FF Extension: (uBlock Origin) - C:\Users\radys\AppData\Roaming\Mozilla\Firefox\Profiles\bk877611.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-07-30]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4581568 2020-10-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2020-12-13] (Tages SA -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-10-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-10-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2020-12-13] (Tages SA -> )
S3 MpKslcd5ab13e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{10EE9DC7-84F3-4E80-85F0-1D1EBA90D182}\MpKslDrv.sys [123112 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2021-04-03] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-10 10:42 - 2021-08-10 10:44 - 000012540 _____ C:\Users\radys\Downloads\FRST.txt
2021-08-10 10:42 - 2021-08-10 10:43 - 000000000 ____D C:\FRST
2021-08-10 10:42 - 2021-08-10 10:42 - 002300416 _____ (Farbar) C:\Users\radys\Downloads\FRST64.exe
2021-08-09 13:10 - 2021-08-09 13:31 - 386348173 _____ C:\Users\radys\Downloads\Trockij E03 (2017) XviD WEB-DL CZ titulky.mkv
2021-08-09 09:39 - 2021-08-09 10:00 - 386456315 _____ C:\Users\radys\Downloads\Trockij E02 (2017) XviD WEB-DL CZ titulky.mkv
2021-08-08 09:07 - 2021-08-08 09:28 - 386165566 _____ C:\Users\radys\Downloads\Trockij E01 (2017) XviD WEB-DL CZ titulky.mkv
2021-07-29 14:33 - 2021-07-29 15:02 - 000000000 ____D C:\Users\radys\OneDrive\Dokumenty\GF
2021-07-29 14:26 - 2021-07-29 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Godfather The Game
2021-07-26 12:27 - 2021-07-26 12:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-26 09:00 - 2021-08-06 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-26 08:45 - 2021-07-26 08:45 - 000000000 ____D C:\Users\radys\OneDrive\Dokumenty\THE SETTLERS - Rise of an Empire
2021-07-26 08:45 - 2021-07-26 08:45 - 000000000 ____D C:\Users\radys\OneDrive\Dokumenty\My Games
2021-07-26 08:44 - 2021-07-26 08:45 - 000000000 ____D C:\Users\radys\OneDrive\Dokumenty\Gothic3
2021-07-26 08:44 - 2021-07-26 08:45 - 000000000 ____D C:\Users\radys\OneDrive\Dokumenty\BioshockHD
2021-07-26 08:44 - 2021-04-16 15:09 - 001582030 _____ C:\Users\radys\OneDrive\Dokumenty\IMG_20210416_0004.pdf
2021-07-26 08:44 - 2021-04-16 15:08 - 000935395 _____ C:\Users\radys\OneDrive\Dokumenty\IMG_20210416_0003.pdf
2021-07-26 08:44 - 2021-04-16 15:07 - 001138227 _____ C:\Users\radys\OneDrive\Dokumenty\IMG_20210416_0002.pdf
2021-07-26 08:44 - 2021-04-16 15:06 - 000904946 _____ C:\Users\radys\OneDrive\Dokumenty\IMG_20210416_0001.pdf
2021-07-26 08:39 - 2021-07-26 09:03 - 000000000 ____D C:\WINDOWS\Minidump
2021-07-26 08:39 - 2021-07-26 09:02 - 001480756 _____ C:\WINDOWS\Minidump\072621-33531-01.dmp
2021-07-26 08:39 - 2021-07-26 08:39 - 835198360 _____ C:\WINDOWS\MEMORY.DMP
2021-07-26 08:29 - 2021-07-26 08:29 - 000000112 ___SH C:\bootTel.dat
2021-07-26 08:29 - 2021-07-26 08:29 - 000000000 __SHD C:\found.000
2021-07-14 13:01 - 2021-07-14 13:01 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 13:01 - 2021-07-14 13:01 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 13:01 - 2021-07-14 13:01 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 13:01 - 2021-07-14 13:01 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 13:00 - 2021-07-14 13:00 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 13:00 - 2021-07-14 13:00 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-12 12:50 - 2021-07-29 14:26 - 000000000 ____D C:\WINDOWS\SysWOW64\directx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-10 10:40 - 2020-10-30 22:32 - 000000000 ____D C:\Program Files\CCleaner
2021-08-10 10:38 - 2021-03-23 11:40 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-08-10 10:38 - 2020-10-30 22:26 - 000000000 ____D C:\Users\radys\AppData\LocalLow\Mozilla
2021-08-10 10:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-10 10:37 - 2021-03-23 11:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-10 10:37 - 2021-03-23 11:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-10 10:37 - 2021-03-23 11:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-10 10:31 - 2021-03-23 10:39 - 000000000 ____D C:\Users\radys
2021-08-10 09:06 - 2020-10-30 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-09 10:15 - 2021-03-23 11:40 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4181642279-3814822525-3030808112-1001
2021-08-09 10:15 - 2021-03-23 10:39 - 000002383 _____ C:\Users\radys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 10:15 - 2020-10-30 22:23 - 000000000 ___RD C:\Users\radys\OneDrive
2021-08-09 09:10 - 2021-03-23 08:43 - 000000000 ____D C:\Users\radys\AppData\Local\AMD_Common
2021-08-07 18:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-07 18:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-07 18:34 - 2020-10-30 21:14 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-06 14:26 - 2020-10-30 22:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-30 07:43 - 2021-04-13 09:13 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71fc7e96197ad
2021-07-30 07:43 - 2021-03-23 11:40 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-29 11:09 - 2020-10-31 09:52 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-27 08:37 - 2021-03-23 11:40 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-26 12:27 - 2020-10-30 22:26 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-26 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-07-26 09:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-16 17:39 - 2021-03-23 11:38 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-16 17:39 - 2019-12-07 16:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-16 17:39 - 2019-12-07 16:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-16 17:34 - 2021-03-23 11:25 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-16 17:33 - 2020-10-30 21:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-07-16 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-16 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-16 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 17:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 18:52 - 2021-03-15 18:16 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-07-14 13:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 08:12 - 2020-11-07 09:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 08:06 - 2020-11-07 09:49 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-11 08:28 - 2021-04-14 20:25 - 000000000 ____D C:\Users\radys\AppData\Roaming\MPC-HC

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[rendy]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by radys (10-08-2021 10:45:57)
Running from C:\Users\radys\Downloads
Windows 10 Home Version 20H2 19042.1110 (X64) (2021-03-23 09:41:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4181642279-3814822525-3030808112-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4181642279-3814822525-3030808112-503 - Limited - Disabled)
Guest (S-1-5-21-4181642279-3814822525-3030808112-501 - Limited - Disabled)
radys (S-1-5-21-4181642279-3814822525-3030808112-1001 - Administrator - Enabled) => C:\Users\radys
WDAGUtilityAccount (S-1-5-21-4181642279-3814822525-3030808112-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{40c19864-e557-4855-95ee-075689dfcf8e}) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.) Hidden
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.21.5 - Ashampoo GmbH & Co. KG)
BioShock 2 Remastered (HKLM-x32\...\1482265668_is1) (Version: 1.0.122864 - GOG.com)
BioShock Remastered (HKLM-x32\...\1439656515_is1) (Version: 1.0.122872 - GOG.com)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1456 - Disc Soft Ltd)
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
K-Lite Codec Pack 16.3.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.3.5 - KLCP)
LibreOffice 7.1.3.2 (HKLM\...\{76B2DBF3-5773-4463-9EEB-D4A099EB6265}) (Version: 7.1.3.2 - The Document Foundation)
Men of War (HKLM-x32\...\{7471B8D9-9023-4C48-A254-48E48C1A66D4}) (Version: 1.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.2 (x64 cs)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
Plane Arcade (HKLM-x32\...\Plane Arcade) (Version: - 3D Games Development)
Prince of Persia - The Two Thrones (HKLM-x32\...\1207659091_is1) (Version: 1.1 v2 - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG2500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2500 series) (Version: - ‭Canon Inc.)
The Godfather The Game (HKLM-x32\...\The Godfather The Game_is1) (Version: - )
THE SETTLERS - Vzestup říše (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-26] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0 [2021-08-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-31] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-03-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-05 12:56 - 2021-01-05 12:56 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-04-14 20:19 - 2021-05-20 11:42 - 000759296 _____ (Tabibito Technology) [File not signed] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-01-05 12:56 - 2021-01-05 12:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-01-05 12:57 - 2021-01-05 12:57 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-10 15:32 - 2021-03-10 15:32 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-11-07 01:59:05&bName=
SearchScopes: HKU\S-1-5-21-4181642279-3814822525-3030808112-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-10-30 20:54 - 2020-10-30 20:51 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4181642279-3814822525-3030808112-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\radys\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{E62C7EFD-435E-468F-9DE0-A87866F95349}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EA4EF4F7-663B-4235-A473-9A66A1D922E0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F42CAD05-CCE3-4F44-A3E8-1D4E6DD3D089}] => (Allow) C:\Users\radys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{24ABBE9F-0827-4341-B97A-BE3265CEC110}] => (Allow) C:\Users\radys\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{56FB8349-112F-4435-B23A-3DB1FDDEB6DA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{5BF6E4DB-150F-40E2-9818-44D2395B77EA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{231768CF-54AC-44F5-91B2-4331FC083C35}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80AAC951-8342-46CF-B711-18FE23DD95AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{330C288C-CB4B-4B17-A9BB-1F5FB2936FDA}D:\1c company\men of war\mow.exe] => (Allow) D:\1c company\men of war\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [UDP Query User{B6B6A8C3-D416-4070-B075-EA2EEAB17E9D}D:\1c company\men of war\mow.exe] => (Allow) D:\1c company\men of war\mow.exe ("Best Way" Corp) [File not signed]
FirewallRules: [TCP Query User{2891E4AF-2B96-47AA-9E8B-41522B290B27}D:\total war - rome 2\rome2.exe] => (Allow) D:\total war - rome 2\rome2.exe => No File
FirewallRules: [UDP Query User{C23928B4-5FA6-4619-9041-47B1CED26310}D:\total war - rome 2\rome2.exe] => (Allow) D:\total war - rome 2\rome2.exe => No File
FirewallRules: [{7C953134-7742-4DEB-A066-BBA16ACA7E5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72CE0ED9-FC5D-48EE-B5FB-C3932F9F6490}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2042A903-C520-48CA-9752-5D81D91CE6E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EAAA027-1FA5-4BDA-B03C-8EA0915251A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93F63C12-57CF-4E26-96D4-2B6A5EA340E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBFEAA39-3B8B-4754-A75E-DF9CF9577021}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A7FEB0E0-1892-42C9-9254-672A31FE1757}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{900258B2-05A1-4BCE-9811-C0B50A6B36C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B8E9579-03A5-484E-A6B9-94AB9FF0A27D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4C2F2C84-5A41-4704-AAA7-0FADFF582454}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9B152FB-3B52-48D7-A5A3-BC1371D53EC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52F65A31-618E-41BB-8FE5-701F8BB3DF28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.165.643.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

21-07-2021 13:35:39 Naplánovaný kontrolní bod
30-07-2021 12:40:07 Naplánovaný kontrolní bod
06-08-2021 15:45:33 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/08/2021 08:53:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CCleaner64.exe, verze: 5.83.0.9050, časové razítko: 0x60f18f49
Název chybujícího modulu: CCleaner64.exe, verze: 5.83.0.9050, časové razítko: 0x60f18f49
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000c4b085
ID chybujícího procesu: 0x13f0
Čas spuštění chybující aplikace: 0x01d78c220145d0fb
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID zprávy: 53876086-a921-4705-b649-fa3c04a47edb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/06/2021 03:42:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/06/2021 10:24:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CCleaner64.exe, verze: 5.83.0.9050, časové razítko: 0x60f18f49
Název chybujícího modulu: CCleaner64.exe, verze: 5.83.0.9050, časové razítko: 0x60f18f49
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000c4b085
ID chybujícího procesu: 0x3b4
Čas spuštění chybující aplikace: 0x01d78a9c74790572
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID zprávy: 6235d5dc-3583-4683-8e36-8a218b0b42a0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/31/2021 02:58:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GameBar.exe verze 5.721.6282.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2818

Čas spuštění: 01d7860a547ce3cb

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe

ID hlášení: e2746614-8201-408f-bc92-be7c39bf51ff

Úplný název balíčku s chybou: Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Navigation

Error: (07/29/2021 12:12:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (07/29/2021 12:12:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (07/26/2021 10:31:17 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (07/26/2021 10:31:14 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (08/10/2021 10:37:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (08/10/2021 10:37:36 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (08/10/2021 10:37:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:30:46, ‎10.‎08.‎2021) bylo neočekávané.

Error: (08/10/2021 10:30:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (08/10/2021 10:30:48 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (08/10/2021 10:30:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:22:55, ‎10.‎08.‎2021) bylo neočekávané.

Error: (08/10/2021 09:03:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (08/10/2021 09:03:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS


Windows Defender:
================
Date: 2021-08-09 09:47:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {97067EDE-BB27-456E-B4F1-3D249BAE557D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 10:26:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49C16EAA-CB3A-41E8-A7C8-C0D49ECD7E4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-07 09:21:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C23C915F-1C96-4B0D-9735-056E2229631B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-01 16:09:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A22EA54-1219-4E39-A847-CD95318B4FF9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-01 12:28:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {224CF24B-969E-4330-B772-73BE0E09FA33}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-07-26 09:04:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1684.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2021-07-26 09:04:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1684.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2021-07-26 09:04:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.1684.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2021-07-26 08:39:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

==================== Memory info ===========================

BIOS: LENOVO I7KT31AUS 11/05/2013
Motherboard: LENOVO
Processor: AMD A10-6700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 42%
Total physical RAM: 7358.64 MB
Available physical RAM: 4255.64 MB
Total Virtual: 8510.64 MB
Available Virtual: 3997.11 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:196.1 GB) (Free:141.61 GB) NTFS
Drive d: (Data) (Fixed) (Total:709.94 GB) (Free:459.27 GB) NTFS

\\?\Volume{637bd438-d993-438c-9cb3-1786764832c4}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{4d7c2d86-1470-4d46-9d3d-ee26f98b09f8}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{c4cc57ff-7531-40d8-8557-cbc862774ce5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 889BB36B)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

ahoj,
1. drobne smeti vycisti ADWCleanerom
2. s prikazoveho riadku ako spravca spust sfc/scannow
3. ak problem pretrva otestuj RAM programom memtest

[rendy]

ok vyzkoušel jsem, uvidím co to bude dělat a když to bude to samé tak to otestuju tím memstem..Je to myšleno tak, že by mohli být vadné ramky a museli by se vyměnit za nové ?

[JaRon]

ano, vadne RAM tiez zvyknu sposobovat restarty - memtest to odhali