Preventivní prověření

Zpráva

Windi · #1 Příspěvek od **Windi** » 27 lis 2024 12:38

Zdravím všechny,

rád bych požádal po delší době a preventivní prověření.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2024
Ran by Merme0th (administrator) on DESKTOP-EHKIT8D (ASUS System Product Name) (27-11-2024 12:28:21)
Running from C:\Users\Merme0th\Desktop\FRST64.exe
Loaded Profiles: Merme0th
Platform: Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\Merme0th\AppData\Local\Programs\Opera GX\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> Razer Inc) C:\ProgramData\Razer\Synapse3\Service\Bin\RzLightingEngineHelper.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Users\Merme0th\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Merme0th\AppData\Local\Programs\Opera GX\114.0.5282.233\opera_crashreporter.exe
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0406784.inf_amd64_f5225d40b64e3982\B405281\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0406784.inf_amd64_f5225d40b64e3982\B405281\atieclxx.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Merme0th\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(OpenVPN Inc. -> OpenVPN) C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe <4>
(Opera Norway AS -> Opera Software) C:\Users\Merme0th\AppData\Local\Programs\Opera GX\opera.exe <43>
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0406784.inf_amd64_f5225d40b64e3982\B405281\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe
(services.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24102.48.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Ashampoo GmbH & Co. KG -> Ashampoo) C:\Program Files\Ashampoo\Ashampoo Driver Updater\ashpdu.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [Opera GX Stable] => C:\Users\Merme0th\AppData\Local\Programs\Opera GX\opera.exe [1493400 2024-11-26] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Merme0th\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36844504 2024-11-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [org.openvpn.client] => C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe [176880232 2024-07-17] (OpenVPN Inc. -> OpenVPN)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [Discord] => C:\Users\Merme0th\AppData\Local\Discord\Update.exe [1525016 2023-08-28] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597056 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2655848 2023-10-04] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Run: [AMDNoiseSuppression] => C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe [164840 2024-06-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597056 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {803B2435-096F-4B66-86F6-9D35E48C4F9C} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-07-15] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {FB11E0EC-D253-407D-BFE4-1BF5EEA5C350} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-07-14] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {B2E24FF9-6CF8-4EE8-B4C3-F302EE85DE06} - System32\Tasks\Ashampoo Driver Updater_Logon => C:\Program Files\Ashampoo\Ashampoo Driver Updater\ashpdu.exe [4191392 2022-11-29] (Ashampoo GmbH & Co. KG -> Ashampoo)
Task: {A8306F1D-6A8E-44E1-88F3-C78AC23C6E3F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{EEC7C87D-87E5-4EF5-B528-8150364026C6} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {C210423E-540F-4103-97C2-452CC633498D} - System32\Tasks\iTop XMS Task (One-Time) => "C:\Program Files\iTop Screen Recorder\Pub\itopxmsp23.exe" -> C:\Program Files\iTop Screen Recorder\Pub\\/xms
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F7E6CD8D-B629-4617-92A0-E8CA5673007E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A1B0A86-CA54-439C-A1FF-C1444C18AE2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E8CC5CD-A30B-4455-BC9A-A3716D33E2E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {177478A7-E3BC-4F99-9133-C7D6EC5E7EF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {440D4A92-CA5A-4E62-98D4-75D3C7EF3AE0} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1031384 2024-07-15] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {9739E37A-181B-4526-BC38-D99BFF6743C3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-25] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {35B009DC-219E-496B-B4D8-682E0477F58E} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4036908386-2111568235-378885487-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-25] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {61B8D36A-33A9-48F7-A9A9-116BD2BA3FA0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {DE6CE417-2D32-41F8-82D8-BB5E17196CEC} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1686228536 => C:\Users\Merme0th\AppData\Local\Programs\Opera GX\launcher.exe [1493400 2024-11-26] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Merme0th\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {B8671744-82B7-4A77-ACA7-393AC926330F} - System32\Tasks\Opera GX scheduled Autoupdate 1685789120 => C:\Users\Merme0th\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5820312 2024-11-25] (Opera Norway AS -> Opera Software)
Task: {A98DEEB8-EAAB-4079-939B-7A230C3790FA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-07-14] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {F63D867A-9998-41CA-9DBD-11875CBB1BE8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-07-14] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{6347c99d-0d2b-4517-9bdd-be7f9ad23c0e}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\Merme0th\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\Merme0th\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Merme0th\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: ssklm8n7.default
FF ProfilePath: C:\Users\Merme0th\AppData\Roaming\Mozilla\Firefox\Profiles\ssklm8n7.default [2023-06-03]
FF ProfilePath: C:\Users\Merme0th\AppData\Roaming\Mozilla\Firefox\Profiles\r9hrvbwk.default-release [2024-11-25]
FF Extension: (AdBlocker Ultimate) - C:\Users\Merme0th\AppData\Roaming\Mozilla\Firefox\Profiles\r9hrvbwk.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2024-09-27]
FF Extension: (No Name) - C:\Users\Merme0th\AppData\Roaming\Mozilla\Firefox\Profiles\r9hrvbwk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-11-25]

Chrome:
=======
CHR Profile: C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default [2023-11-28]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... oogle.com/"
CHR Extension: (Dark Mode) - C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-06-03]
CHR Extension: (React Developer Tools) - C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2023-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-03]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Merme0th\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-03]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-4036908386-2111568235-378885487-1001) Opera GXStable - "C:\Users\Merme0th\AppData\Local\Programs\Opera GX\opera.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect.exe [4688488 2024-07-17] (OpenVPN Inc. -> )
R2 amd3dvcacheSvc; C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe [154552 2022-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2024-11-25] (ASUSTeK Computer Inc. -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3280000 2024-11-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11070056 2023-10-04] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-06-27] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [5218920 2024-07-17] (OpenVPN Inc. -> )
S3 ProtonVPN Service; D:\Program Files\Proton\VPN\v3.4.3\ProtonVPNService.exe [466664 2024-11-04] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; D:\Program Files\Proton\VPN\v3.4.3\ProtonVPN.WireGuardService.exe [466152 2024-11-04] (Proton AG -> ProtonVPN)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1882024 2024-10-11] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [232360 2024-10-11] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298240 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-08] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amd3dvcache; C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcache.sys [40536 2022-12-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_987f8cede005f427\amdfendrmgr.sys [36040 2024-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S2 AMDRyzenMasterDriverV22; C:\Windows\system32\AMDRyzenMasterDriver.sys [60576 2024-07-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R2 AMDRyzenMasterDriverV26; C:\Windows\system32\AMDRyzenMasterDriver.sys [60576 2024-07-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_d4de13a10f2586d0\amdsafd.sys [112952 2024-06-15] (AMD Test Build -> Advanced Micro Devices)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0406784.inf_amd64_f5225d40b64e3982\B405281\amdkmdag.sys [106157352 2024-08-23] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [63008 2024-05-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 ovpn-dco; C:\Windows\System32\drivers\ovpn-dco.sys [92664 2024-05-22] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 ProtonVPNCallout; D:\Program Files\Proton\VPN\v3.4.3\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-11-04] (Proton AG -> Proton Technologies AG)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_021e; C:\Windows\System32\drivers\RzDev_021e.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 Serial; C:\Windows\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.)
R3 tap_ovpnconnect; C:\Windows\System32\drivers\tap_ovpnconnect.sys [41112 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2023-10-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-27 12:28 - 2024-11-27 12:28 - 000025278 _____ C:\Users\Merme0th\Desktop\FRST.txt
2024-11-27 12:28 - 2024-11-27 12:28 - 000000000 ____D C:\FRST
2024-11-27 12:27 - 2024-11-27 12:27 - 002402816 _____ (Farbar) C:\Users\Merme0th\Desktop\FRST64.exe
2024-11-26 10:38 - 2024-11-26 10:38 - 000000000 ____D C:\Users\Merme0th\AppData\LocalLow\Cordyceps Collective
2024-11-25 12:55 - 2024-11-25 12:55 - 003313808 _____ () C:\Users\Merme0th\Downloads\OperaGXSetup.exe
2024-11-25 12:55 - 2024-11-25 12:55 - 003313808 _____ () C:\Users\Merme0th\Downloads\OperaGXSetup(1).exe
2024-11-25 12:13 - 2024-11-25 16:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-25 08:49 - 2024-11-25 08:49 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-11-25 08:49 - 2024-11-25 08:49 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-11-14 09:00 - 2024-11-14 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2024-11-08 14:32 - 2024-11-08 14:32 - 000000000 ____D C:\Users\Merme0th\AppData\Local\PDX
2024-11-07 17:45 - 2024-11-07 17:45 - 000000000 ____D C:\Users\Merme0th\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2024-11-07 17:45 - 2024-11-07 17:45 - 000000000 ____D C:\Users\Merme0th\AppData\Local\Package Cache
2024-10-31 16:13 - 2024-10-31 16:13 - 000000000 ____D C:\Users\Public\mod.io
2024-10-31 16:13 - 2024-10-31 16:13 - 000000000 ____D C:\Users\Merme0th\AppData\Local\mod.io
2024-10-31 16:12 - 2024-10-31 16:12 - 000000000 ____D C:\Users\Merme0th\AppData\Local\11bitstudios
2024-10-31 08:00 - 2024-10-31 08:00 - 000026650 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-10-31 08:00 - 2024-10-31 08:00 - 000026650 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-27 12:24 - 2024-08-29 15:38 - 000003124 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-11-27 12:23 - 2023-06-03 11:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-11-27 12:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-27 12:13 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-11-27 12:02 - 2023-08-23 08:09 - 000000000 ____D C:\Users\Merme0th\AppData\Roaming\OpenVPN Connect
2024-11-27 12:02 - 2023-06-03 11:44 - 000003214 _____ C:\Windows\system32\Tasks\Ashampoo Driver Updater_Logon
2024-11-26 17:54 - 2023-06-03 11:56 - 000000000 ____D C:\Program Files (x86)\Steam
2024-11-26 16:52 - 2023-06-03 11:45 - 000004302 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1685789120
2024-11-26 16:52 - 2023-06-03 11:45 - 000001424 _____ C:\Users\Merme0th\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera GX.lnk
2024-11-26 13:13 - 2023-06-03 11:29 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4036908386-2111568235-378885487-1001
2024-11-26 13:13 - 2023-06-03 11:29 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4036908386-2111568235-378885487-1001
2024-11-26 13:13 - 2023-06-03 11:29 - 000002386 _____ C:\Users\Merme0th\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-26 11:46 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-26 11:46 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-11-26 10:23 - 2023-06-03 12:09 - 000000000 ____D C:\Users\Merme0th\AppData\Roaming\paradox-launcher-v2
2024-11-26 09:05 - 2023-06-04 21:00 - 000000000 ____D C:\Users\Merme0th\AppData\Roaming\WeMod
2024-11-26 09:05 - 2023-06-04 21:00 - 000000000 ____D C:\Users\Merme0th\AppData\Local\SquirrelTemp
2024-11-26 08:19 - 2023-06-03 11:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-26 08:19 - 2023-06-03 11:21 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-11-25 16:11 - 2023-06-03 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-25 16:11 - 2023-06-03 11:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-25 16:11 - 2023-06-03 11:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-25 12:14 - 2023-06-03 11:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-25 09:10 - 2023-06-03 11:21 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-25 09:10 - 2023-06-03 11:21 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-25 08:49 - 2023-06-03 11:27 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-25 08:49 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-11-25 08:42 - 2023-06-03 11:22 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-11-25 08:42 - 2023-06-03 11:21 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2024-11-25 08:42 - 2023-06-03 11:21 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2024-11-25 08:42 - 2023-06-03 11:21 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-25 08:42 - 2023-06-03 11:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-23 21:23 - 2023-06-03 22:34 - 000000000 ____D C:\Users\Merme0th\AppData\Local\Battle.net
2024-11-23 18:18 - 2023-06-06 17:55 - 000000000 ____D C:\Program Files (x86)\Diablo IV
2024-11-23 18:10 - 2023-07-03 17:09 - 000001288 _____ C:\Users\Merme0th\Desktop\ts3client_win64 – zástupce.lnk
2024-11-23 17:57 - 2023-06-03 22:34 - 000000000 ____D C:\Users\Merme0th\AppData\Local\Blizzard Entertainment
2024-11-23 17:57 - 2023-06-03 12:13 - 000000000 ____D C:\Users\Merme0th\Documents\Warcraft III
2024-11-23 11:23 - 2023-06-03 11:28 - 000000000 ____D C:\Users\Merme0th\AppData\Local\D3DSCache
2024-11-22 22:10 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-22 21:46 - 2023-06-27 18:01 - 000000000 ____D C:\Users\Merme0th\AppData\Local\CrashDumps
2024-11-22 21:46 - 2023-06-03 11:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-22 21:46 - 2023-06-03 11:32 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-11-19 10:54 - 2023-06-14 12:09 - 000000921 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2024-11-19 10:54 - 2023-06-14 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2024-11-15 10:10 - 2023-06-03 11:51 - 000000000 ____D C:\Users\Merme0th\AppData\Local\AMD_Common
2024-11-14 09:55 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-14 09:51 - 2023-06-03 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-11-14 09:50 - 2023-06-03 11:32 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2024-11-14 09:40 - 2023-06-03 11:21 - 000470736 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-14 09:37 - 2023-10-11 15:24 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-11-14 09:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-11-14 09:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-14 09:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-11-13 10:07 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-11-13 08:53 - 2023-06-05 16:56 - 000000000 ____D C:\Windows\system32\MRT
2024-11-13 08:52 - 2023-06-05 16:56 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-08 14:24 - 2023-06-03 12:09 - 000000000 ____D C:\Users\Merme0th\Documents\Paradox Interactive
2024-11-07 17:45 - 2023-06-03 12:09 - 000002590 _____ C:\Users\Merme0th\Desktop\Paradox Launcher v2.lnk
2024-11-05 17:39 - 2023-06-03 22:34 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-10-31 16:13 - 2023-06-14 06:58 - 000000000 ____D C:\Users\Merme0th\AppData\Local\UnrealEngine
2024-10-31 13:02 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-10-31 13:02 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\DiagTrack
2024-10-31 13:02 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-10-30 08:53 - 2023-06-03 11:21 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by Merme0th (27-11-2024 12:29:04)
Running from C:\Users\Merme0th\Desktop
Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) (2023-06-03 10:23:02)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4036908386-2111568235-378885487-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4036908386-2111568235-378885487-503 - Limited - Disabled)
Guest (S-1-5-21-4036908386-2111568235-378885487-501 - Limited - Disabled)
Merme0th (S-1-5-21-4036908386-2111568235-378885487-1001 - Administrator - Enabled) => C:\Users\Merme0th
WDAGUtilityAccount (S-1-5-21-4036908386-2111568235-378885487-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD 3D V-Cache Performance Optimizer Driver (HKLM-x32\...\{4537278A-8E70-4021-A866-38CE644D92F8}) (Version: 1.0.0.7 - Advanced Micro Devices, Inc.) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.121 - Advanced Micro Devices, Inc.) Hidden
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.20 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.24.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.7.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Ashampoo Driver Updater (HKLM\...\{0A11EA01-9351-AD68-8AFA-02337415E1F8}_is1) (Version: 1.5.2 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CK3 to EU4 version 0.14 Nestorian (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\{D5A23363-3092-48F1-8838-7AC4B2B5BBC5}_is1) (Version: 0.14 Nestorian - Paradox Game Converters Group)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Discord) (Version: 1.0.9017 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.37.0.5550 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{9fadc9c1-bd21-46fd-ad7e-8e08ace2687e}) (Version: 13.37.0.5550 - Electronic Arts)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{5ECE0190-5997-4944-9F16-839A4326D404}) (Version: 2.0.40.0 - Epic Games, Inc.)
EU4 to Vic3 version 0.3 Craiova (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\{38314A5E-B83C-4C08-B031-F4596A091C11}_is1) (Version: 0.3 Craiova - Paradox Game Converters Group)
Europa Universalis IV King of Kings (HKLM-x32\...\Europa Universalis IV King of Kings_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.5.4.2 (HKLM\...\{B8BF99B6-750E-45C5-A07D-AF394E5B6139}) (Version: 7.5.4.2 - The Document Foundation)
Microsoft .NET Core Host - 3.1.8 (x64) (HKLM\...\{D375EE6D-18EF-4EC9-8260-555DEB0EE4EC}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.8 (x64) (HKLM\...\{907E0A78-B4DF-4E35-9878-FEE2F22B6852}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.8 (x64) (HKLM\...\{912B84A5-61CC-4308-B244-5C34C2C02899}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.13 (x64) (HKLM\...\{9511601E-12FF-4972-BF9C-2992F2CA5A32}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.13 (x64) (HKLM\...\{8CDACE3C-0064-4A17-A02C-49F831D5F73A}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 - Shared Framework (x64) (HKLM-x32\...\{373915e3-2fa6-41a5-80e3-49fe1115263d}) (Version: 6.0.13.22580 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64) (HKLM\...\{A6500837-F3BE-357E-9A21-6A78D098659F}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.63 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\OneDriveSetup.exe) (Version: 24.216.1027.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM\...\{F3871724-6A58-425C-8E4C-4A54935AA68F}) (Version: 24.96.29220 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.8 (x64) (HKLM-x32\...\{3e04c2ef-ccc7-4fe6-a32f-f36572af0f42}) (Version: 3.1.8.29220 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM-x32\...\{96cf40b0-81d6-43ed-ad0e-611e67899196}) (Version: 6.0.13.32001 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 132.0.2 (x64 cs)) (Version: 132.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 113.0.2 - Mozilla)
OpenVPN Connect (HKLM\...\{476194D5-A162-4677-A53F-1DE4ED5F27CF}) (Version: 3.5.0 - OpenVPN Inc.)
Opera GX Stable 114.0.5282.233 (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\Opera GX 114.0.5282.233) (Version: 114.0.5282.233 - Opera Software)
Paradox Launcher v2 (HKLM\...\{3F707BD9-8CA5-4B63-B9B9-D67B96A84587}) (Version: 2.4.0 - Paradox Interactive) Hidden
Paradox Launcher v2 (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\{a96f86ae-549e-473d-ae26-42627703e8a8}) (Version: 1.0.0.0 - Paradox Interactive)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.4.3 - Proton AG)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1130.102506 - Razer Inc.)
RyzenMasterSDK (HKLM\...\{8A8733F2-07F6-4FA2-8D58-C00FCFC438FB}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Vic3 to HoI4 version 0.3 Chen (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\{820C5B58-D3E7-4BCA-A9E4-4805A4A6CFA1}_is1) (Version: 0.3 Chen - Paradox Game Converters Group)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WeMod (HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\WeMod) (Version: 9.10.7 - WeMod)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-08-29] (Advanced Micro Devices Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{23e0a65b-d209-b1e3-12db-50e8c66ec176}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{2bded112-ee63-7b72-597b-5706f267cec9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> D:\Program Files\Proton\VPN\v3.4.3\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{c738d90c-3d01-97a1-e4f0-fb9f693e21e9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.5\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{cc961737-4dcb-f39b-0182-db01d6cdceca}\localserver32 -> "D:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.exe" -ToastActivated => No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Merme0th\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Merme0th\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: TAP-Windows Adapter V9 for OpenVPN Connect -> tap_ovpnconnect.sys
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
OpenVPN Connect DCO Adapter: OpenVPN Data Channel Offload -> ovpn-dco.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4036908386-2111568235-378885487-1001\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDAC22AE-C891-4D73-9E11-6309304345ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{811A838A-19A1-49C7-8355-AD7AF5EF9744}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84FD46D7-3597-4CB7-BF4E-65B5A16B0E90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DB0F3095-B28C-4C1F-96F3-F9FC2D97058C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1B6AAB7B-D8D8-4C51-9B32-B653BFA61050}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D0B02AE0-6E66-4265-8C1C-E7106CBEBC50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{74ABCCDB-5DE9-4E8B-AE5E-B34795490B1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 3\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3D90A8FF-6FBE-4087-882A-BEE6759CC42E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 3\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{D33DEB2F-E483-4865-8B20-E2F6893F478F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{FCFB7B0B-0C63-453D-8B63-E814D5D73483}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{21A90528-8F6A-4854-B58E-AFD0CA4FC03F}C:\users\merme0th\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\merme0th\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{E11EA96F-597E-4E26-B4A6-62938AA7236C}C:\users\merme0th\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\merme0th\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{035D7365-8697-4CBD-BD08-2744AA256FED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{37E07665-0341-41C8-B073-6B0F10D49230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E718D844-612B-4ED8-A19C-D63D6F835075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B4F76165-42EE-4CF9-8280-885AAAC44344}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{AFC580D5-F284-4B1B-91A6-40B9F545B8C3}C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{9D1EA4B3-2405-46CB-B612-4D643A8D2495}C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{653EFA54-5AF8-4026-8E67-4A57ADBE4B4F}C:\program files (x86)\diablo iv\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{E19575A2-4EB7-431A-A130-7A365B773038}C:\program files (x86)\diablo iv\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{8583F720-B002-485A-A771-510C4E67BEA0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3EBCB907-9540-453A-A5A7-321973B31D2C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{07DFA25F-16F1-49CC-8654-0E116599AB04}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6C8E5857-2C12-499B-B6E7-C924D26AA578}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{A7F8B90D-A562-4792-A49B-7CDD74C4E591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{D4D4AF81-BD45-46C4-8101-C739B858A10C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of Nations\patriots.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{D8C1AABD-2770-4195-9CD7-37C27D988079}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{073B393C-1DD8-4B3C-8124-AEB38F484EF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [TCP Query User{199440A4-6D3C-46A4-8973-BBC25282AD51}C:\program files (x86)\steam\steamapps\common\rise of nations\riseofnations.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rise of nations\riseofnations.exe (Big Huge Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{E66E5C3D-817A-4FC7-B161-669C2F8CD6AB}C:\program files (x86)\steam\steamapps\common\rise of nations\riseofnations.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rise of nations\riseofnations.exe (Big Huge Games, Inc.) [File not signed]
FirewallRules: [{FDDA5C2D-DE5A-4555-8415-7E1B25D93D5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{CC9CE9C5-EF99-46C2-B7B5-999A54F6EEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{48ACCB95-18EC-4456-A5CF-D9C141B3A809}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{18600E31-6D42-4689-90EB-87F9A7525588}D:\program files\utorrent\utorrent.exe] => (Allow) D:\program files\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{D054090C-0AF2-4FE4-B58D-6E3DB219FC8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6616BE7E-B9EA-4BF5-9F24-F6095DA7C93B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{196516DF-D5B0-4CD3-AAE8-783650DE936F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{D7637CA4-B6AC-41D2-A86E-81032DA83701}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{5B2B8D89-DEF7-4A76-B12D-452FE5907EE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{67764CF3-0EFD-4329-9B42-B8942FD19713}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{CE60F6DD-893B-40D6-979B-ACB129F273A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{0AE14A7C-1B72-4B5A-B673-B74E4E3E767D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [TCP Query User{2C9614A7-E404-48DB-B723-F3A2B0DE8D8F}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{946AD4E2-9488-4593-B262-E0EED310902E}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{7FA5219F-11EF-46E0-896F-BE4D1D6488B8}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{49FB0406-93BF-44AC-B624-9A0081E42355}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{90907096-0F0C-41A6-AFAA-89278F1C6D5C}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{91D2DF38-F0E8-4A6F-A8AC-297555E0BEB0}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [{B6B6D1D1-B0CE-4848-9C8B-30FA1BB6FBEF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{98256D76-48CC-45CA-B5FB-1509AD67D79F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4ADC07F2-0527-4F76-8F22-5DC400C4DC65}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F4DDE6DB-8761-4C51-A4C0-A8387B8684A0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1B0508F1-FB52-4191-B35F-14F622CACD5D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AC6A31C9-628D-461D-BE73-7F8D0B1D94EA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7421C481-4171-4D78-99D7-A54362B1880A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{014D901F-D5A3-463D-9DD6-54A0AC56C523}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C6CC5578-925E-4320-812C-F47A729239A3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5F9E82A1-7EEC-4A88-985B-E6582FE5EA32}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FEBEC878-4BA3-419D-B513-6E929A04DA82}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E8DF5981-250B-46DC-9B32-74B4FE4C5183}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\ThriveLauncher.exe (Revolutionary Games Studio) [File not signed]
FirewallRules: [{445C624B-C76F-4149-A32D-B057B2EDF6BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Thrive\ThriveLauncher.exe (Revolutionary Games Studio) [File not signed]
FirewallRules: [{8F8E9BF6-F20F-461A-B129-C93946A570E5}] => (Allow) D:\SteamLibrary\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{15F84DAB-C761-4299-A104-0CA19520B25F}] => (Allow) D:\SteamLibrary\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{DA6695BA-1ADE-458B-AD4B-6D7626B09269}D:\games\hearts.of.iron.iv.v1.13.5\game\hoi4.exe] => (Block) D:\games\hearts.of.iron.iv.v1.13.5\game\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{81EC78CB-E3FC-447C-95F2-56B914718A22}D:\games\hearts.of.iron.iv.v1.13.5\game\hoi4.exe] => (Block) D:\games\hearts.of.iron.iv.v1.13.5\game\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{2FF94958-9B1E-455F-AA4C-68A02D34BFB3}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File
FirewallRules: [UDP Query User{2A2DC78F-5AD5-4CF9-AEBC-46541B60BD2C}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File
FirewallRules: [{87A7BD4E-F501-4D2F-A710-EF958CE3A974}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{D1275268-E7AA-44E7-BAC7-F07C3B5DADCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [TCP Query User{7DE6FD3F-C4A6-4B7A-B927-E7F16486699C}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{FF404EB4-2604-4FDC-B75A-7DFA1F98C550}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{AA80E0D7-BE83-4DF1-AEF0-80F61DD66B63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Epoch\Last Epoch.exe () [File not signed]
FirewallRules: [{973D6CD5-8E9A-4E5F-B2E9-EEB01442E718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Epoch\Last Epoch.exe () [File not signed]
FirewallRules: [{65854D81-922D-450B-9CA5-4AE1C37ED80A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk2\Frostpunk2.exe (11 BIT STUDIOS S A -> Epic Games, Inc.)
FirewallRules: [{1D10998D-478B-430F-ADED-E5BCB7DDB8B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk2\Frostpunk2.exe (11 BIT STUDIOS S A -> Epic Games, Inc.)
FirewallRules: [{95F571A0-7249-4355-AF26-BE8E65162C2B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DB3CCA5-B28F-4DB4-A765-4CFC19018A78}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24244.507.3118.4732_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D501134-CB05-46C0-922C-D4C3E76E4F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\x64\This War of Mine.exe (11 BIT STUDIOS S.A. -> )
FirewallRules: [{71DD4875-3C64-4393-A9CE-E0558836287A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\x64\This War of Mine.exe (11 BIT STUDIOS S.A. -> )
FirewallRules: [{CDEAAFEA-8282-4005-ADB9-FA1F615173F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{223EBC98-18FA-4D71-BB1D-2F66BDBDE6B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe () [File not signed]
FirewallRules: [{D4BE4DEA-1934-46F7-A53F-B3E1791E93DD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DDB874B8-B74A-4CEA-B09C-58E1F9FBDB45}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-11-2024 14:54:24 Windows Update
22-11-2024 21:54:21 Windows Update
26-11-2024 10:02:58 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/26/2024 09:05:37 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 9.10.7.0 programu WeMod.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/25/2024 06:18:25 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 9.10.7.0 programu WeMod.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/25/2024 06:09:38 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 9.10.7.0 programu WeMod.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (11/22/2024 09:46:43 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EHKIT8D)
Description: Název chybující aplikace: RzLightingEngineHelper.exe, verze: 1.0.0.33, časové razítko: 0x65efc04c
Název chybujícího modulu: RzLightingEngineHelper.exe, verze: 1.0.0.33, časové razítko: 0x65efc04c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000ab09
ID chybujícího procesu: 0x0x40b0
Čas spuštění chybující aplikace: 0x0x1db3d1fa2dc9737
Cesta k chybující aplikaci: C:\ProgramData\Razer\Synapse3\Service\Bin\RzLightingEngineHelper.exe
Cesta k chybujícímu modulu: C:\ProgramData\Razer\Synapse3\Service\Bin\RzLightingEngineHelper.exe
ID zprávy: 393755eb-0471-422d-b460-c83b61c4be36
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/14/2024 09:41:18 AM) (Source: amd3dvcacheSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/08/2024 11:39:42 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EHKIT8D)
Description: Název chybující aplikace: ts3client_win64.exe, verze: 3.6.2.0, časové razítko: 0x650ac282
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f6fe
ID chybujícího procesu: 0x0x44bc
Čas spuštění chybující aplikace: 0x0x1db31ff9e194ada
Cesta k chybující aplikaci: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: a18deac0-ed11-483f-b9d9-e50c5d7a7d57
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/04/2024 10:49:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (11/04/2024 10:49:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

System errors:
=============
Error: (11/26/2024 08:24:52 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/25/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/25/2024 12:54:01 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (11/25/2024 12:54:01 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (11/25/2024 12:38:21 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (11/25/2024 12:38:21 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (11/25/2024 12:29:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (11/25/2024 12:29:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Windows Defender:
================
Date: 2024-11-27 12:13:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F69691B7-1675-481E-A6EF-8CDB3C60BDC5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-26 11:46:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {177FAAE8-3914-4F20-ACC6-4EBF41421EE4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-23 10:30:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {57546A94-D0BB-4FFB-ADFD-0752036094D8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-21 13:52:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FC43B6BB-401C-4DF9-9D2B-80956E4B6BF9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-20 10:15:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {914F7FC5-9D0B-428F-A7D8-C4017A7F3674}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-01-23 22:21:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.403.2580.0;1.403.2580.0
Verze modulu: 1.1.23110.2

Date: 2023-11-05 17:21:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2024-02-14 09:37:51
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1811 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B650-PLUS
Processor: AMD Ryzen 7 7800X3D 8-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 31967.9 MB
Available physical RAM: 21000.52 MB
Total Virtual: 57567.9 MB
Available Virtual: 43038.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.18 GB) (Free:1057.2 GB) (Model: KINGSTON SFYRD2000G) NTFS
Drive d: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:327.72 GB) (Model: ST2000DM001-1ER164) NTFS

\\?\Volume{a4158d27-bc4b-4631-862e-84f3ef450b20}\ () (Fixed) (Total:0.73 GB) (Free:0.1 GB) NTFS
\\?\Volume{4d7cee2b-c8b2-478b-889a-9eafaeb9a781}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 15C8F8A6)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B7FE9059)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 27 lis 2024 15:36

Zdravím vás též.
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A8306F1D-6A8E-44E1-88F3-C78AC23C6E3F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{EEC7C87D-87E5-4EF5-B528-8150364026C6} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{23e0a65b-d209-b1e3-12db-50e8c66ec176}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{2bded112-ee63-7b72-597b-5706f267cec9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{c738d90c-3d01-97a1-e4f0-fb9f693e21e9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.5\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{cc961737-4dcb-f39b-0182-db01d6cdceca}\localserver32 -> "D:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.exe" -ToastActivated => No File
FirewallRules: [{196516DF-D5B0-4CD3-AAE8-783650DE936F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{D7637CA4-B6AC-41D2-A86E-81032DA83701}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [TCP Query User{2C9614A7-E404-48DB-B723-F3A2B0DE8D8F}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{946AD4E2-9488-4593-B262-E0EED310902E}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{7FA5219F-11EF-46E0-896F-BE4D1D6488B8}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{49FB0406-93BF-44AC-B624-9A0081E42355}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{90907096-0F0C-41A6-AFAA-89278F1C6D5C}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{91D2DF38-F0E8-4A6F-A8AC-297555E0BEB0}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{2FF94958-9B1E-455F-AA4C-68A02D34BFB3}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File
FirewallRules: [UDP Query User{2A2DC78F-5AD5-4CF9-AEBC-46541B60BD2C}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Windi · #3 Příspěvek od **Windi** » 27 lis 2024 16:17

Děkuji. Provedeno

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by Merme0th (27-11-2024 16:15:06) Run:1
Running from C:\Users\Merme0th\Desktop
Loaded Profiles: Merme0th
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A8306F1D-6A8E-44E1-88F3-C78AC23C6E3F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{EEC7C87D-87E5-4EF5-B528-8150364026C6} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{23e0a65b-d209-b1e3-12db-50e8c66ec176}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{2bded112-ee63-7b72-597b-5706f267cec9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{c738d90c-3d01-97a1-e4f0-fb9f693e21e9}\localserver32 -> "D:\Program Files\Proton\VPN\v3.0.5\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{cc961737-4dcb-f39b-0182-db01d6cdceca}\localserver32 -> "D:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.exe" -ToastActivated => No File
FirewallRules: [{196516DF-D5B0-4CD3-AAE8-783650DE936F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [{D7637CA4-B6AC-41D2-A86E-81032DA83701}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe => No File
FirewallRules: [TCP Query User{2C9614A7-E404-48DB-B723-F3A2B0DE8D8F}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{946AD4E2-9488-4593-B262-E0EED310902E}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe] => (Allow) C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{7FA5219F-11EF-46E0-896F-BE4D1D6488B8}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [UDP Query User{49FB0406-93BF-44AC-B624-9A0081E42355}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe] => (Block) C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe => No File
FirewallRules: [TCP Query User{90907096-0F0C-41A6-AFAA-89278F1C6D5C}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [UDP Query User{91D2DF38-F0E8-4A6F-A8AC-297555E0BEB0}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => No File
FirewallRules: [TCP Query User{2FF94958-9B1E-455F-AA4C-68A02D34BFB3}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File
FirewallRules: [UDP Query User{2A2DC78F-5AD5-4CF9-AEBC-46541B60BD2C}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe] => (Allow) C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe => No File

EmptyTemp:
End

*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8306F1D-6A8E-44E1-88F3-C78AC23C6E3F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8306F1D-6A8E-44E1-88F3-C78AC23C6E3F}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{EEC7C87D-87E5-4EF5-B528-8150364026C6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{EEC7C87D-87E5-4EF5-B528-8150364026C6}" => removed successfully
HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{23e0a65b-d209-b1e3-12db-50e8c66ec176} => removed successfully
HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{2bded112-ee63-7b72-597b-5706f267cec9} => removed successfully
HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{c738d90c-3d01-97a1-e4f0-fb9f693e21e9} => removed successfully
HKU\S-1-5-21-4036908386-2111568235-378885487-1001_Classes\CLSID\{cc961737-4dcb-f39b-0182-db01d6cdceca} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{196516DF-D5B0-4CD3-AAE8-783650DE936F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7637CA4-B6AC-41D2-A86E-81032DA83701}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2C9614A7-E404-48DB-B723-F3A2B0DE8D8F}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{946AD4E2-9488-4593-B262-E0EED310902E}C:\users\merme0th\appdata\local\temp\mxt232\bin\xwin_mobax.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7FA5219F-11EF-46E0-896F-BE4D1D6488B8}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{49FB0406-93BF-44AC-B624-9A0081E42355}C:\users\merme0th\appdata\local\temp\mxt230\bin\xwin_mobax.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{90907096-0F0C-41A6-AFAA-89278F1C6D5C}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91D2DF38-F0E8-4A6F-A8AC-297555E0BEB0}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2FF94958-9B1E-455F-AA4C-68A02D34BFB3}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2A2DC78F-5AD5-4CF9-AEBC-46541B60BD2C}C:\users\merme0th\downloads\sdio_1.12.18.759\sdio_x64_r759.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 235400019 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 891636808 B
Windows/system/drivers => 286219 B
Edge => 0 B
Chrome => 102503566 B
Firefox => 170225859 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 1676704 B
LocalService => 2338994 B
NetworkService => 2771932 B
Merme0th => 108249689 B

RecycleBin => 2972414954 B
EmptyTemp: => 4.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:15:46 ====

#4 Příspěvek od **Rudy** » 27 lis 2024 17:00

Smazáno, v PC byly jen zbytečnosti.

Windi · #5 Příspěvek od **Windi** » 27 lis 2024 17:46

Super. Děkuji moc

#6 Příspěvek od **Rudy** » 27 lis 2024 18:45

Rádo se stalo!

VIRY.CZ

Preventivní prověření

Preventivní prověření

Re: Preventivní prověření

Re: Preventivní prověření

Re: Preventivní prověření

Re: Preventivní prověření

Re: Preventivní prověření