PREVENTIVNÍ

[votrok33]

Dobrý den poprosil bych o preventivku.
Ač to až tak preventivní není, přijde mi že se systémem něco není v pořádku.
Zaznamenal jsem jeden blue screen a občas se z ničeho nic strašně zasekne že ani zkratky nefunguji.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2022
Ran by josef.tomek (administrator) on TOMEK-PC (Micro-Star International Co., Ltd. MS-7A34) (25-03-2022 21:13:54)
Running from C:\Users\josef.tomek\Desktop
Loaded Profiles: josef.tomek
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe ->) (Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.22003.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2022-03-11] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [1] 1.exe
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [2] irsetup.exe
HKLM\...\Windows x64\Print Processors\LogMeIn Print Processor: C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll [60416 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\LogMeIn Printer Port Monitor: C:\Windows\system32\LMIport.dll [35328 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\GXSetup.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\Custom\Rayman2.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb [2011-03-17]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\99.0.15185.77\Installer\chrmstp.exe [2022-03-24] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2020-05-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Startup: C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2018-10-02]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> D:\XTREME GAMING ENGINE\autorun.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F931A7-53FB-480E-8961-6AFF4EB69C7E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-16] (Piriform Software Ltd -> Piriform Software)
Task: {151F17B0-6C99-4935-BEB0-6EA4716B24CF} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {1A5E1F78-801E-431E-8948-6548960F36FA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2AAC00DC-84AA-464C-BB8C-0B58E8DD302C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D1F1153-FFC8-4B9E-8D01-418B04FB31C0} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {311240D7-8463-42C1-A848-908D815AEEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {3ADF5DD3-BE24-440F-82A8-08A651A398CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {590854D4-F497-4028-9BE0-BE4FFE14D60B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ECAB301-B478-490A-84C0-5A725E2BCBBE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B4D89AD-231A-4C9B-A4CE-63F18AB475C1} - System32\Tasks\Opera scheduled assistant Autoupdate 1582725469 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\josef.tomek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {6D1857B8-CCA0-46AA-A271-1A2A2AA72F81} - System32\Tasks\CCleanerSkipUAC - josef.tomek => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {793EE2E1-AA87-4F46-8898-B752940727F7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79A9F6A7-F4C7-48B8-8119-B4555233FE42} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {8545BA69-5C5F-4ECB-8CB3-52B1A23BA83C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C76EF1F-A2FA-408C-9DD1-77C9A8550496} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9847E2EE-DB9D-4678-910F-7EABF7667AAB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2317344584-338335979-3697871285-500 => C:\Users\josef.tomek\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {985BE318-527E-46D1-A54B-8FD0ADA020D5} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2744592 2022-03-16] (Piriform Software Ltd -> Piriform Software)
Task: {9F53D1CE-9E07-4B9C-BC23-F8547478C204} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7BD52D1-E311-467E-9776-CE376F1B23F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {BFB1198F-9947-4073-96DE-7F65EABF2982} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5F0127D-C04C-453E-AF78-C3F042BC5E3C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA1F09E6-3095-420A-8900-820FD1C907C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFA0632-9EDE-481C-AA11-5F47390E358C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5AD87BA-3706-4DB1-8250-0DF8DE809AF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E42C4F47-FFD9-422E-A4C1-A195474304FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {E689BBB4-5EC1-442E-9F0B-93D3C317916D} - System32\Tasks\Opera scheduled Autoupdate 1550496882 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-16] (Opera Software AS -> Opera Software)
Task: {E895FF56-076B-4554-8B53-D52E5F5E4AF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFBE24DA-07BC-4B26-94A2-6BADE8CFBEB2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA40F41F-9F62-4028-AA00-7B6613E23FF8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{39042313-b12b-4806-bdf6-42a082645fa1}: [DhcpNameServer] 10.107.4.100 10.107.4.129
Tcpip\..\Interfaces\{a70230ea-e87a-490a-8b91-42a924936116}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\josef.tomek\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-23]

FireFox:
========
FF DefaultProfile: 8kavqy3r.default
FF ProfilePath: C:\Users\josef.tomek\AppData\Roaming\Mozilla\Firefox\Profiles\8kavqy3r.default [2022-03-23]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default [2022-03-25]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://cs66.divokekmeny.cz; hxxps://cs70.divokekmeny.cz; hxxps://cz.pinterest.com; hxxps://golive.im; hxxps://meet.google.com; hxxps://tabletopia.com; hxxps://teams.microsoft.com; hxxps://www.divokekmeny.cz; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-01]
CHR Extension: (Dokumenty) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-01]
CHR Extension: (Disk Google) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-15]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-15]

Opera:
=======
OPR Profile: C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable [2022-03-23]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-27]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-06]

Brave:
=======
BRA Profile: C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-07-21]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-07-13]
BRA Extension: (PDF Viewer) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-07-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\99.0.15185.77\elevation_service.exe [1876832 2022-03-16] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2022-02-13] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; D:\FACEIT AC\faceitservice.exe [21758920 2022-02-28] (FACE IT LIMITED -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-01-29] (Mixbyte Inc -> Freemake)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [6181600 2020-08-19] (Thales DIS CPL USA, Inc. -> Thales Group)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-13] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10401912 2022-03-11] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-04-02] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [303616 2021-10-22] () [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-17] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 esgiguard; D:\SpyHunter4\SpyHunter\App\SpyHunter\esgiguard.sys [15920 2016-05-19] (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.)
S1 EspoDriver; C:\WINDOWS\system32\drivers\EspoDriver.sys [6104576 2021-10-13] (Esportal AB -> )
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [15650856 2022-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [35328 2021-10-22] () [File not signed]
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-13] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8508504 2022-03-11] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-05-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-25 21:13 - 2022-03-25 21:14 - 000027041 _____ C:\Users\josef.tomek\Desktop\FRST.txt
2022-03-25 21:03 - 2022-03-25 21:03 - 000000000 ____D C:\Users\josef.tomek\Desktop\FRST-OlderVersion
2022-03-21 17:44 - 2022-03-25 14:36 - 000000000 _____ C:\Users\Public\Documents\settings.ini
2022-03-21 13:32 - 2022-03-25 14:39 - 000000000 _____ C:\ProgramData\settings.ini
2022-03-21 13:08 - 2022-03-21 13:27 - 000001621 _____ C:\Users\Public\Desktop\VALORANT.lnk
2022-03-21 13:08 - 2022-03-21 13:08 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-03-21 11:03 - 2022-03-21 11:03 - 000000000 ____D C:\Users\josef.tomek\Desktop\Nová složka
2022-03-19 12:12 - 2022-03-19 12:12 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2022-03-10 10:55 - 2022-03-10 10:55 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-03-10 10:55 - 2022-03-10 10:55 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-10 10:54 - 2022-03-10 10:54 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-10 10:54 - 2022-03-10 10:54 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-10 10:54 - 2022-03-10 10:54 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-10 10:54 - 2022-03-10 10:54 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-10 10:45 - 2022-03-10 10:45 - 000000000 ___HD C:\$WinREAgent
2022-03-09 23:04 - 2022-03-23 11:48 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\CZC
2022-03-05 16:22 - 2022-03-07 17:51 - 000000957 _____ C:\Users\josef.tomek\Desktop\Wow – zástupce (2).lnk
2022-03-03 16:37 - 2022-03-03 16:37 - 000766523 _____ C:\Users\josef.tomek\Desktop\TOMEK.pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-25 21:14 - 2021-08-12 21:28 - 000000000 ____D C:\FRST
2022-03-25 21:05 - 2020-10-31 00:47 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-25 21:05 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-25 21:05 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-25 21:05 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-25 21:05 - 2018-10-01 15:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-25 21:03 - 2021-08-15 18:00 - 002365440 _____ (Farbar) C:\Users\josef.tomek\Desktop\FRST64.exe
2022-03-25 21:01 - 2020-06-19 18:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-03-25 21:00 - 2019-04-10 15:09 - 000000000 ____D C:\Program Files\CCleaner
2022-03-25 20:59 - 2022-01-18 23:17 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\LogMeIn Hamachi
2022-03-25 20:59 - 2020-10-31 00:39 - 000000000 ____D C:\Users\josef.tomek
2022-03-25 20:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-25 20:59 - 2018-10-23 13:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-25 20:59 - 2018-10-01 15:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-25 20:58 - 2020-10-31 00:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-25 20:58 - 2020-10-31 00:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-25 20:58 - 2020-10-31 00:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-25 14:39 - 2022-02-13 18:15 - 000000016 _____ C:\ProgramData\mntemp
2022-03-25 14:39 - 2021-08-13 10:09 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-25 14:39 - 2021-01-30 11:47 - 000000013 _____ C:\ProgramData\krosqm.txt
2022-03-25 14:39 - 2019-02-26 19:24 - 000000000 ____D C:\ProgramData\Riot Games
2022-03-25 14:39 - 2018-12-13 17:37 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2022-03-25 14:36 - 2021-10-12 18:55 - 000000605 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2022-03-25 14:36 - 2020-06-06 18:50 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-25 14:36 - 2018-12-13 17:37 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2022-03-25 14:36 - 2018-12-13 17:37 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2022-03-25 14:36 - 2018-10-01 15:46 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-25 14:05 - 2018-12-13 17:37 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2022-03-25 11:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-25 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-25 11:22 - 2021-11-20 11:01 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 002258408 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 000337384 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-03-25 11:22 - 2021-11-11 17:57 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-03-25 11:21 - 2020-06-06 18:50 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-24 20:38 - 2021-06-08 18:58 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-03-24 20:12 - 2021-06-08 18:58 - 000002366 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-03-24 20:12 - 2021-06-08 18:58 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-03-23 17:02 - 2018-10-01 15:36 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\D3DSCache
2022-03-23 12:02 - 2018-10-01 17:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\CrashDumps
2022-03-23 11:58 - 2020-11-23 16:44 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Deployment
2022-03-23 11:58 - 2018-10-01 15:24 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Packages
2022-03-23 11:57 - 2021-12-09 17:13 - 000000000 ____D C:\ProgramData\Epic
2022-03-23 11:56 - 2021-12-09 17:14 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-03-23 11:43 - 2018-10-01 15:46 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-21 13:39 - 2022-02-16 22:17 - 000001507 _____ C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-03-21 13:39 - 2020-10-31 00:50 - 000004212 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550496882
2022-03-21 13:29 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 13:08 - 2020-06-19 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2022-03-21 13:08 - 2020-04-14 21:56 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Riot Games
2022-03-17 13:06 - 2020-10-31 00:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-03-17 03:09 - 2020-09-13 15:42 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Spotify
2022-03-16 23:54 - 2020-09-13 15:43 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Spotify
2022-03-15 11:30 - 2018-10-01 14:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-11 12:20 - 2020-10-04 16:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-10 17:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-10 17:14 - 2020-10-31 00:37 - 000435904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-10 17:12 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-10 17:12 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-10 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-10 17:12 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-10 10:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-10 10:54 - 2020-10-31 00:39 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-10 10:45 - 2018-10-01 15:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-10 10:43 - 2018-10-01 15:36 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-09 12:24 - 2020-10-31 00:58 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6af166b8e5672
2022-03-09 12:24 - 2020-10-31 00:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-05 22:13 - 2021-05-06 11:12 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\.minecraft
2022-03-05 09:38 - 2019-11-20 14:55 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2022-02-28 15:08 - 2021-10-14 10:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\FACEIT
2022-02-28 15:05 - 2021-10-12 18:55 - 015650856 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2022-02-28 15:04 - 2021-10-12 18:55 - 000000605 _____ C:\Users\Public\Desktop\FACEIT AC.lnk

==================== Files in the root of some directories ========

2021-06-03 21:44 - 2021-08-12 11:00 - 000000032 _____ () C:\Users\josef.tomek\AppData\Roaming\.machineId
2021-02-07 18:53 - 2021-02-07 18:53 - 000000064 _____ () C:\Users\josef.tomek\AppData\Roaming\changzhi_leidian.data
2020-10-17 21:41 - 2020-10-28 18:35 - 000004665 _____ () C:\Users\josef.tomek\AppData\Roaming\VoiceMeeterDefault.xml
2021-02-03 11:26 - 2021-02-03 11:26 - 000002004 _____ () C:\Users\josef.tomek\AppData\Local\recently-used.xbel
2020-02-13 19:05 - 2020-02-13 19:05 - 000000017 _____ () C:\Users\josef.tomek\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


















Add:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-03-2022
Ran by josef.tomek (25-03-2022 21:15:09)
Running from C:\Users\josef.tomek\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) (2020-10-30 23:50:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2317344584-338335979-3697871285-1001 - Administrator - Disabled) => C:\Users\Admin
Administrator (S-1-5-21-2317344584-338335979-3697871285-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2317344584-338335979-3697871285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2317344584-338335979-3697871285-1000 - Limited - Disabled)
Guest (S-1-5-21-2317344584-338335979-3697871285-501 - Limited - Disabled)
josef.tomek (S-1-5-21-2317344584-338335979-3697871285-1002 - Administrator - Enabled) => C:\Users\josef.tomek
WDAGUtilityAccount (S-1-5-21-2317344584-338335979-3697871285-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 99.0.15185.77 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Ekura (HKLM-x32\...\Sindicate Ekura) (Version: 12.159.10674 - Sindicate)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.82 - Google LLC)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.52 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-500\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.33.123 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.33.123 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 84.0.4316.42 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Opera 84.0.4316.42) (Version: 84.0.4316.42 - Opera Software)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Spotify (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Spotify) (Version: 1.1.80.699.gc3dac750 - Spotify AB)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WinRAR 5.11 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.12.419.0_x64__rz1tebttyb220 [2022-03-01] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.0.159.0_x64__8wekyb3d8bbwe [2022-03-09] (Microsoft Studios)
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.50362.0_x64__8wekyb3d8bbwe [2022-03-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\ProgramData\kaosdma.png:15F9289DE6 [10]
AlternateDataStreams: C:\ProgramData\krosqm.txt:4DFCEB3E95 [10]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [10]
AlternateDataStreams: C:\ProgramData\settings.ini:27EB0451C1 [10]
AlternateDataStreams: C:\ProgramData\settings.ini:5B48B5BC13 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk:B76C4E1157 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk:A816ED3F18 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk:F9B57EE960 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk:86E8B79B48 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk:21BFFA7D5A [10]
AlternateDataStreams: C:\Users\Public\Documents\settings.ini:ABCC4E1BB3 [10]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\ssv.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\
HKU\S-1-5-21-2317344584-338335979-3697871285-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\josef.tomek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\b22c96d8ee01f9e5bd7304cb2509393d.jpeg
HKU\S-1-5-21-2317344584-338335979-3697871285-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62F9457B-9E9E-492D-9CFC-23D147C4AC85}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Thales DIS CPL USA, Inc. -> Thales Group)
FirewallRules: [{31BBB547-9B06-4452-8858-8844490BAE1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB3BEF0D-0A41-4188-B926-4956FC73AFF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B89BFC93-6B40-4D9C-9D68-0B209DC15B9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A9E17D2-F27C-4F0E-B854-95C93BB77ACC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{75C60632-3314-4CE7-B1F3-2492F48A285C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{02CE7997-F4FC-4EB2-82DF-3DCE7A84BB1C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A80FBBD3-43E0-4C4F-92D3-7BDAB4F49B72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839B9FCF-AD23-48A3-A23E-D9BC448980E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14C54888-55E1-43DA-8477-5F22D0A62761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A627E39A-7FE9-41CE-A14B-07B9F3612BE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{31B101C3-7CE3-4377-9CE0-F28AED2EFBEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C3CE40A-1DBE-42BB-B09E-7EDC65355608}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D8042BF-A9B1-4F61-AA9E-ACF4B0E76F35}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BFEC4D7F-064A-4058-896E-BD5C1AB848ED}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EC068911-C8D4-464F-BAD2-E71D6F82F4F2}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0F258053-7694-491F-ADFE-E650B3FB61F9}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{4A9EE9B7-1A2C-495C-AD61-C56E66E0FEC6}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{80E3CE13-F48B-4353-925C-164A3949AA60}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{68D666F4-DEB0-4E16-9AAC-14738AB84BB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F9A15747-C756-450C-A4B7-89DB14DFE638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{94EC5158-D328-4FDC-9D28-374B2421ECF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8416B311-D3EC-450E-B353-F2C6E79D20D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{9E28572D-B632-4720-ACB4-0B6D6C5B2F48}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{33E2BE81-E6FE-4CC2-A255-C87F8A14ADB6}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{2A879778-F867-4BC0-871F-FFF1B951693A}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{F1158047-D30B-4031-96D5-DCF1A01DB88B}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{04CE87D9-B189-435A-9C19-375F9EE9C29D}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{03B606CB-4CED-47B8-B53C-D2B7147EA6CA}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{B777C044-E456-44FD-B20F-AA6FCE359A02}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4CD5681C-C827-4DF1-BA63-5C24F8147CC3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{581D09F5-6BD0-42C8-87B6-F3F2584C6ADE}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{81537650-1088-498B-9754-CE7B41A29476}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{D646CA52-E39C-473F-8982-27F10075373E}C:\users\josef.tomek\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\josef.tomek\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{B0F3CC40-F638-4592-9C2D-ECEB5B9A8EDD}C:\users\josef.tomek\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\josef.tomek\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AF0396BE-9D18-4A39-960E-0DDD75B5476B}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{E3FF650B-9D85-47C5-BA20-5C2ACC34BC30}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [TCP Query User{AB3DFC41-6BF2-401D-AD33-686CEBCAD2F7}C:\users\josef.tomek\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{A84DBE59-CA33-4796-8867-088795EB0BE1}C:\users\josef.tomek\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AF176ED8-C298-42AA-81DB-0F45D919EC09}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{373CDD06-4782-4222-86D0-0B2CF082C23D}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{B65D8376-BFC0-49DD-9202-31D70B3A1699}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{98456AD2-69B4-4E7B-95C4-E3F78339E281}D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{385C7368-CEC7-4122-BBD0-C523FDCF52A9}] => (Allow) D:\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{81E6D42F-BDCE-4EB6-B33C-3324E8F8189D}] => (Allow) D:\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [TCP Query User{3CD3B5D6-29AE-4E9C-BB13-72D33705D91A}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{1FCB5B5F-EC8F-4894-9CA9-17E040035126}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{CBF74E15-8B3A-495B-9BCB-ED238CDDE682}D:\games\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{384776AC-7EB0-42B3-B4E9-C76E4B5FD570}D:\games\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{0310F8CD-CA7D-4E6F-975E-CDD4D5DC998E}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [File not signed]
FirewallRules: [{C4CD7772-D4A0-4C7F-88A8-B8EF4B4F8FC5}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [File not signed]
FirewallRules: [{00F8C8F8-FF9D-41A7-990B-8D42EAE55C05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7E897D9C-E8DB-412F-8484-E33212F428DD}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{22B63A66-8F75-4050-8FF5-13EB6FA77B89}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6611A10-848F-464E-9D14-C29740D31FD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93166B4B-278E-4129-8008-A40BA98E2ADC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0663CB5B-CB4D-4E5A-B1B5-5745AADDC728}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DCCDB46-D823-4B50-AF02-EAEF2FE15502}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:44.25 GB) (40%)

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/25/2022 08:59:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x6013e0fe
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1586, časové razítko: 0xe89e47cc
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b922
ID chybujícího procesu: 0xde4
Čas spuštění chybující aplikace: 0x01d84082c50f5829
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9b55f948-e288-418d-b6a1-f738ece49e6f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2022 08:59:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (03/25/2022 11:23:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/24/2022 12:22:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/24/2022 12:16:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x6013e0fe
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1586, časové razítko: 0xe89e47cc
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b922
ID chybujícího procesu: 0xe78
Čas spuštění chybující aplikace: 0x01d83f70979ae50f
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 120c3d02-9fce-4f83-b33d-38f5fb0900a0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/24/2022 12:16:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (03/23/2022 11:45:43 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/22/2022 09:36:29 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (03/25/2022 08:59:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/25/2022 08:59:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (03/25/2022 08:59:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (03/25/2022 08:59:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
Přístup byl odepřen.

Error: (03/25/2022 08:58:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:55:23, ‎25.‎03.‎2022) bylo neočekávané.

Error: (03/25/2022 11:22:51 AM) (Source: DCOM) (EventID: 10005) (User: TOMEK-PC)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (03/25/2022 11:22:51 AM) (Source: DCOM) (EventID: 10005) (User: TOMEK-PC)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (03/25/2022 11:22:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MWPM2CQNLHN-Microsoft.GamingServices.


Windows Defender:
================
Date: 2022-03-25 11:44:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C0B0E73A-DCFC-4CDD-B073-7B953E9CEFC5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-23 17:02:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A295E745-7233-4716-8708-6C1A7F116F3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-22 11:49:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7C2B1879-76E8-4BE5-8834-2CF828A33F2A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-20 12:10:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {28BAF231-CCEB-49D3-A38D-EA8F921AA509}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-19 13:08:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D788FAB-27CB-4902-955E-C58A250DA100}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-03-25 11:44:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-11-06 18:58:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CCleaner Browser\Application\95.0.12827.72\chrome.dll that did not meet the Microsoft signing level requirements.

Date: 2021-11-04 16:58:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CCleaner Browser\Application\95.0.12674.57\chrome.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.80 09/13/2017
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1500X Quad-Core Processor
Percentage of memory in use: 55%
Total physical RAM: 8147.55 MB
Available physical RAM: 3645.2 MB
Total Virtual: 12115.55 MB
Available Virtual: 6413.23 MB

==================== Drives ================================

Drive c: (Windows 10 Pro) (Fixed) (Total:111.19 GB) (Free:44.25 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:522.82 GB) NTFS

\\?\Volume{b7f65ad0-a3a9-4cd2-8dfc-6d507bc64c65}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{322d3815-67c9-c392-dea1-61e7c430f987}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{39748896-df0e-43d3-a2b0-a6e90382baec}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End of Addition.txt =======================

[JaRon]

ahoj,
preventivne s prikazoveho riadku spust ako spravca
sfc /scannow
a potom
chkdsk /f

[votrok33]

Co se týče toho skenu disku mam pocit že to hodilo Error. Trvalo to ani ne 10 vteřin po restartu.
Log jsem nikde v EventLogu nenašel pod ID 1001 bylo jen toto:

Chybný blok 2285815464614847076, typ 1
Název události: APPCRASH
Reakce: Není k dispozici.
ID souboru CAB: 0

Podpis problému:
P1: FreemakeUtilsService.exe
P2: 1.0.0.0
P3: 6013e0fe
P4: KERNELBASE.dll
P5: 10.0.19041.1586
P6: e89e47cc
P7: e0434352
P8: 0012b922
P9:
P10:

Připojené soubory:
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER7C73.tmp.dmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER7D6E.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DBD.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DBB.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER7DDB.tmp.txt

Tyto soubory mohou být k dispozici zde:
\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_FreemakeUtilsSer_18d932470e119837ce5771a2489bd44a8d190_723d8bdc_7aa81831-dbf0-4b88-aecb-7868298251fa

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 8e48c80d-7273-4379-82ef-f78664dda5d6
Stav hlášení: 268435456
Zakódovaný interval: 014dccda080288033fb8d90de6766264
GUID souboru CAB: 0

LOG z prvního skenu v příloze

CBS.zip

(22.81 KiB) Staženo 54 x

[JaRon]

1. otestuj HDD programom HDTune free
2. skusobne odinstaluj freemake

[votrok33]

Freemake tedy nevím jak se bezpečně maže nikdy jsem to nedělal.

HDTune_Error_Scan_________KINGSTON_SA400S3.png (24.88 KiB) Zobrazeno 1394 x

[JaRon]

1. rovnako otestuj aj druhy disk
2. freemake by mal ist normalne odinstalovat, cast chybovych hlasok smeruje k nemu

[votrok33]

Je to sice zvláštní ale nemohu ho nikde najít..

HDTune_Error_Scan_________ST1000DM010-2EP1.png (29.34 KiB) Zobrazeno 1360 x

[JaRon]

Vycisti PC s CCleanerom vcetne registrov