Preventive Check

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Joskyc
Visitor
Posts: 3
Registered: 12 May 2023 22:24

#1 Post by Joskyc

Hello,
Lately I have had doubts about whether everything is in order.

I would therefore like to ask for a preventive check. Below I am sending the FRST and Addition logs. :)

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01
Ran by josef.tomek (administrator) on TOMEK-PC (Micro-Star International Co., Ltd. MS-7A34) (12-05-2023 23:29:51)
Running from D:\Downloads\FRST64.exe
Loaded Profiles: josef.tomek
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1555 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe <6>
(C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Poskytovatel Windows (R) Win 7 DDK) C:\Windows\UUS\amd64\MoNotificationUx.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) D:\Thunder Master\ThPanel.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [EpicGamesLauncher] => D:\Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37123024 2023-05-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [electron.app.Mobalytics Desktop] => C:\Users\josef.tomek\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe [146624736 2023-04-11] (Gamers Net Inc -> Mobalytics)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [MobalyticsHQ.DesktopApp] => C:\Users\josef.tomek\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe [146624736 2023-04-11] (Gamers Net Inc -> Mobalytics)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [MicrosoftEdgeAutoLaunch_4E61AFCCF636DA0486317091569B355F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152224 2023-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C5F21A-E4E4-4337-B697-05942D038136} - System32\Tasks\ThunderMaster => D:\Thunder Master\ThPanel.exe [4516664 2022-01-12] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.)
Task: {07241107-1D61-4DF4-9C2C-D646E9CA0A39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {130E75B4-F48B-49CC-8CE4-260EF47715FA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe/RunOnBattery ReadyToReboot
Task: {22A57645-EC92-40B9-A39B-BDC0070E2457} - System32\Tasks\GoogleUpdateTaskMachineCore{AED4C23D-FE13-4C74-9A1C-B1502A0F654E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-06] (Google LLC -> Google LLC)
Task: {38DA3059-4493-4024-B166-1408F3812B80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3CE1FD29-EF1A-40E8-8D51-8EDE9CDEBD7C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-05-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {547B5AA6-8836-4305-9538-36E563ECDF0A} - System32\Tasks\GoogleUpdateTaskMachineUA{AF0ED489-400F-40E3-8057-E96867EC96CE} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-06] (Google LLC -> Google LLC)
Task: {5B2904FA-0228-4F4F-A368-F8ADAD70A7D7} - System32\Tasks\CCleanerSkipUAC - josef.tomek => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DC8B576-CE97-414E-A077-25190DD72900} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E5E2DFF-9E84-499F-9A4F-3A313352C7F5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
Task: {8135F585-28F3-4639-B699-A72C82F38259} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {8FD4BDCC-98C3-48A0-888F-AA17E6F2EB78} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9D082DAB-B131-4B66-AFD8-2AEDB882FEAC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A83249EE-44BF-407A-A55E-6D1B78F73F6D} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [669320 2022-03-23] (Advanced Micro Devices Inc. -> )
Task: {B6C12CC6-7F03-4D07-9AD5-E5960407FA48} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exeLogonUpdateResults
Task: {BDC7A737-4F52-4C1F-9DDE-3F97E8287679} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d977f7f3-b3bf-4a45-8c48-0789c31aa628" --version "6.11.10455" --silent
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D65E9010-4A9D-40F5-A7EB-C470320F3EEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBA65F8E-9CBF-45E1-8142-EF8822237739} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe/RunOnAC ReadyToReboot
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3c6ab3c3-981a-479a-b7ff-69aa4ee7883b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{62257993-4a5b-40e3-89a4-ec4e8d5432e4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9fd6388c-99af-4905-9038-68e853b9649d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\josef.tomek\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-03]

FireFox:
========
FF DefaultProfile: wkfr123x.default
FF ProfilePath: C:\Users\josef.tomek\AppData\Roaming\Mozilla\Firefox\Profiles\wkfr123x.default [2022-08-03]
FF ProfilePath: C:\Users\josef.tomek\AppData\Roaming\Mozilla\Firefox\Profiles\b9890vmc.default-release [2023-05-12]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default [2023-05-12]
CHR Notifications: Default -> hxxps://www.divokekmeny.cz
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-02]
CHR Extension: (Shazam: Hledejte názvy skladeb v prohlížeči) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-02-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-07-07] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [59031432 2023-05-08] (FACE IT LIMITED -> )
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; E:\SteamLibrary\RockstarGamesLauncher\RockstarService.exe [2703192 2022-12-28] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [307224 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\WINDOWS\System32\drivers\akshasp.sys [69560 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\System32\drivers\akshhl.sys [68536 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\System32\drivers\aksusb.sys [313784 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2019-12-30] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2019-12-30] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 FACEIT; C:\Program Files\FACEIT AC\FACEIT.sys [64945688 2023-05-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 MpKslb8717e0a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEA4C513-54CA-4D06-8DF4-8A61B96C037D}\MpKslDrv.sys [212264 2023-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_008c; C:\WINDOWS\System32\drivers\RzDev_008c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-12 14:39 - 2023-05-12 14:41 - 000000000 ___HD C:\$WinREAgent
2023-05-09 19:14 - 2023-05-09 19:14 - 000000000 ____D C:\Users\josef.tomek\Documents\DeadIslandDE
2023-05-09 18:16 - 2023-05-09 18:16 - 000000202 _____ C:\Users\josef.tomek\Desktop\Dead Island Definitive Edition.url
2023-05-09 17:58 - 2023-05-09 17:58 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\IO Interactive
2023-05-09 17:58 - 2023-05-09 17:58 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\IO Interactive
2023-05-09 16:24 - 2023-05-09 16:24 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\hdpoker-steam
2023-05-09 16:16 - 2023-05-09 16:16 - 000000202 _____ C:\Users\josef.tomek\Desktop\HD Poker.url
2023-05-08 21:41 - 2023-05-08 23:51 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\FACEIT
2023-05-04 15:52 - 2023-05-04 15:52 - 000000698 _____ C:\Users\josef.tomek\Desktop\rpcs3 – zástupce.lnk
2023-05-03 18:19 - 2023-05-03 18:19 - 000000203 _____ C:\Users\josef.tomek\Desktop\HITMAN 3.url
2023-05-01 15:51 - 2023-05-02 15:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-29 18:43 - 2023-04-29 18:43 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2023-04-29 18:43 - 2023-04-29 18:43 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2023-04-25 21:29 - 2023-04-25 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Classic
2023-04-25 20:20 - 2023-04-25 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
2023-04-13 00:43 - 2023-04-13 00:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-12 23:30 - 2021-08-12 22:28 - 000000000 ____D C:\FRST
2023-05-12 23:29 - 2022-07-06 23:43 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-12 23:28 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-05-12 23:19 - 2022-07-06 23:41 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\D3DSCache
2023-05-12 23:14 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-12 23:13 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-12 23:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-12 23:13 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-12 21:43 - 2022-07-07 15:33 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\TS3Client
2023-05-12 18:01 - 2022-11-21 20:35 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Battle.net
2023-05-12 18:01 - 2022-07-20 16:19 - 000000000 ____D C:\ProgramData\Riot Games
2023-05-12 15:07 - 2022-07-06 23:48 - 000000000 ____D C:\Program Files\CCleaner
2023-05-12 14:57 - 2023-01-30 19:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-12 14:57 - 2023-01-30 19:33 - 000002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-12 14:57 - 2023-01-30 19:33 - 000002075 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-05-12 14:53 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-12 14:40 - 2022-07-06 23:43 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-12 14:40 - 2022-07-06 23:43 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-11 17:04 - 2022-07-06 21:56 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-10 12:08 - 2022-07-07 01:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-10 12:07 - 2022-07-07 01:23 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-08 23:52 - 2023-02-23 22:19 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Overwolf
2023-05-08 23:52 - 2023-02-23 22:15 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\.minecraft
2023-05-08 23:52 - 2022-08-23 14:41 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\.tlauncher
2023-05-08 23:52 - 2022-08-06 21:37 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Wargaming.net
2023-05-08 23:51 - 2022-11-22 15:14 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\CrashDumps
2023-05-08 23:51 - 2022-07-31 22:27 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\FACEIT
2023-05-08 23:51 - 2019-08-12 17:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2023-05-08 23:50 - 2022-12-15 18:56 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Discord
2023-05-08 23:50 - 2022-09-23 17:50 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\discord
2023-05-08 23:43 - 2022-11-21 20:34 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Blizzard Entertainment
2023-05-08 21:47 - 2022-07-31 22:27 - 000000000 ____D C:\Program Files\FACEIT AC
2023-05-08 21:41 - 2022-07-31 22:27 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\SquirrelTemp
2023-05-08 21:40 - 2022-09-06 12:39 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Razer
2023-05-08 21:40 - 2022-09-06 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-05-08 21:40 - 2022-09-06 12:37 - 000000000 ____D C:\Program Files\Razer
2023-05-08 21:40 - 2022-09-06 12:34 - 000000000 ____D C:\ProgramData\Razer
2023-05-08 21:40 - 2022-09-06 12:34 - 000000000 ____D C:\Program Files (x86)\Razer
2023-05-08 19:36 - 2022-12-15 01:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-07 18:49 - 2020-06-06 19:50 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-07 18:49 - 2020-06-06 19:50 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-04 15:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 22:15 - 2022-07-07 01:24 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-03 18:48 - 2022-08-03 19:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-03 15:44 - 2022-07-06 21:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-02 15:31 - 2022-12-15 01:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-05-02 15:31 - 2022-12-15 01:35 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-05-02 15:31 - 2022-09-21 11:37 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-05-02 15:22 - 2022-08-03 19:36 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-02 15:22 - 2022-08-03 19:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-29 19:36 - 2022-12-15 01:32 - 000000000 ____D C:\Users\josef.tomek
2023-04-29 18:43 - 2022-12-15 01:37 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-29 18:36 - 2022-12-15 01:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-29 18:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-29 18:36 - 2020-10-31 01:37 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-29 17:24 - 2022-07-06 23:39 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Packages
2023-04-25 18:24 - 2022-12-15 01:35 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{AF0ED489-400F-40E3-8057-E96867EC96CE}
2023-04-25 18:24 - 2022-12-15 01:35 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{AED4C23D-FE13-4C74-9A1C-B1502A0F654E}
2023-04-15 23:32 - 2022-10-30 11:49 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\mobalytics-desktop
2023-04-14 15:47 - 2022-10-21 17:10 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-04-14 15:47 - 2022-10-21 17:10 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-04-14 15:47 - 2022-08-22 18:04 - 002790904 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-04-14 15:47 - 2022-08-22 18:04 - 000484856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-04-14 15:47 - 2022-08-22 18:04 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-04-14 15:47 - 2022-08-22 18:04 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-04-14 15:47 - 2022-08-22 18:04 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-04-14 15:47 - 2022-08-22 18:04 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-04-13 00:44 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-13 00:43 - 2022-12-15 01:30 - 000294024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-13 00:43 - 2022-05-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-13 00:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-12 19:11 - 2019-01-04 18:25 - 000000000 ____D C:\Users\josef.tomek\AppData\LocalLow\Mozilla
2023-04-12 12:03 - 2022-12-15 01:35 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2022-07-12 01:21 - 2021-12-26 16:00 - 000215040 _____ (Igor Pavlov) C:\Users\josef.tomek\7zxa.dll
2022-07-12 01:21 - 2022-03-03 15:16 - 000627352 _____ (Alexander Roshal) C:\Users\josef.tomek\Rar.exe
2022-07-12 01:21 - 2022-03-03 15:16 - 000647832 _____ (Alexander Roshal) C:\Users\josef.tomek\RarExt.dll
2022-07-12 01:21 - 2022-03-03 15:16 - 000557720 _____ (Alexander Roshal) C:\Users\josef.tomek\RarExt32.dll
2022-07-12 01:21 - 2022-03-03 15:16 - 000180888 _____ (Alexander Roshal) C:\Users\josef.tomek\RarExtInstaller.exe
2022-07-12 01:21 - 2022-03-07 10:15 - 000993432 _____ () C:\Users\josef.tomek\rarlng.dll
2022-07-12 01:21 - 2022-07-12 01:21 - 000000024 _____ () C:\Users\josef.tomek\rarnew.dat
2022-07-12 01:21 - 2022-03-03 15:16 - 000422552 _____ (Alexander Roshal) C:\Users\josef.tomek\Uninstall.exe
2022-07-12 01:21 - 2022-03-03 15:16 - 000427160 _____ (Alexander Roshal) C:\Users\josef.tomek\UnRAR.exe
2022-07-12 01:21 - 2022-03-03 15:16 - 002461336 _____ (Alexander Roshal) C:\Users\josef.tomek\WinRAR.exe
2022-07-12 01:21 - 2022-07-12 01:21 - 000000022 _____ () C:\Users\josef.tomek\zipnew.dat
2022-07-16 00:16 - 2022-07-16 00:16 - 000000022 _____ () C:\Users\josef.tomek\AppData\Roaming\Microsoft\{8ADA9B80-E373-E18E-DB02-F11B969F143C}
2023-02-19 19:46 - 2023-02-19 19:46 - 000003463 _____ () C:\Users\josef.tomek\AppData\Local\recently-used.xbel
2022-10-03 22:35 - 2022-10-03 22:35 - 000007600 _____ () C:\Users\josef.tomek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01
Ran by josef.tomek (12-05-2023 23:30:37)
Running from D:\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.1555 (X64) (2022-12-14 23:35:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2317344584-338335979-3697871285-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2317344584-338335979-3697871285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2317344584-338335979-3697871285-1000 - Limited - Disabled)
Guest (S-1-5-21-2317344584-338335979-3697871285-501 - Limited - Disabled)
josef.tomek (S-1-5-21-2317344584-338335979-3697871285-1002 - Administrator - Enabled) => C:\Users\josef.tomek
WDAGUtilityAccount (S-1-5-21-2317344584-338335979-3697871285-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.9.0.2093 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.9.0.2093 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
CurseForge (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.222.2.9650 - Overwolf app)
Ekura (HKLM-x32\...\Sindicate Ekura) (Version: 12.159.10674 - Sindicate)
Epic Games Launcher (HKLM-x32\...\{20235E2B-1E9F-473D-A215-B2467F1F06E3}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.1 - FACEIT LTD)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GIMP 2.10.32-1 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)
Java 8 Update 361 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180361F0}) (Version: 8.0.3610.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Mobalytics Desktop 1.105.25 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\4e3246c6-dac2-5647-bc85-745a4bcf689f) (Version: 1.105.25 - Mobalytics)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 112.0.2 (x64 cs)) (Version: 112.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 103.0.1 - Mozilla)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 531.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.221.109.14 - Overwolf Ltd.)
REDlauncher (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Thunder Master v4.11 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.11.0.3 - Palit Microsystems Ltd.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 136.0.10773 - Ubisoft)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2023-04-13] (Instagram)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-26] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-29] (Spotify AB) [Startup Task]
WinRAR -> C:\Users\josef.tomek [2023-04-29] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2317344584-338335979-3697871285-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2317344584-338335979-3697871285-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\josef.tomek\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\josef.tomek\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_50916785244854f2\nvshext.dll [2023-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\josef.tomek\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\josef.tomek\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [3434]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4188]
AlternateDataStreams: C:\Users\Public\Documents\settings.ini:ABCC4E1BB3 [4138]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\josef.tomek\Desktop\282236971_1137794680286356_8403560913449049767_n.jpg
HKU\S-1-5-21-2317344584-338335979-3697871285-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\StartupApproved\StartupFolder: => "GIGABYTE XTREME GAMING ENGINE.lnk"
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4E61AFCCF636DA0486317091569B355F"
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\StartupApproved\Run: => "electron.app.Mobalytics Desktop"
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\StartupApproved\Run: => "MobalyticsHQ.DesktopApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D1D29F53-BBA3-4DD9-882F-FD289750C95E}E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Block) E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{F02FA567-347A-4976-84F1-821C9C83B4BE}E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Block) E:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{960CBB98-CF70-4E43-A68F-5947BFF643D9}] => (Allow) D:4\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe => No File
FirewallRules: [{852DEC67-D9DF-4EAF-AF5F-CC9372928143}] => (Allow) D:4\SteamLibrary\steamapps\common\Painkiller Black Edition\Bin\Painkiller.exe => No File
FirewallRules: [UDP Query User{69736724-3BB9-49C1-B134-8725BD72EB5B}C:\users\josef.tomek\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe (Gamers Net Inc -> Mobalytics)
FirewallRules: [TCP Query User{9CF88E85-D261-46F8-B63B-E61F510A98EE}C:\users\josef.tomek\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\mobalytics-desktop\mobalytics desktop.exe (Gamers Net Inc -> Mobalytics)
FirewallRules: [{D3BB37B4-6140-4D77-A9E5-D00998DBCFEA}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe => No File
FirewallRules: [{791A7B9F-6A50-4272-9F82-1D2DBCA4D22B}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe => No File
FirewallRules: [{F43CFF5E-C2B3-4EED-9979-49FB5881FC57}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe => No File
FirewallRules: [{1681EBC2-03A3-4293-8BA9-7D203ED1548C}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassins Creed Brotherhood\ACBSP.exe => No File
FirewallRules: [{01181F56-8F79-4D9F-A2CF-74209058D9CE}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe => No File
FirewallRules: [{91409ABA-C436-4980-8E5F-8A0DF9DAC9EB}] => (Allow) D:4\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe => No File
FirewallRules: [UDP Query User{FCA2FED1-A451-45FF-A243-357F44CD8073}D:4\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:4\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{79CD142C-2A35-45F4-B684-880947EDDF66}D:4\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:4\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{99B1FA2B-6698-4BA3-ACC6-D5B0D12B9BC9}] => (Allow) D:4\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe => No File
FirewallRules: [{AD4031D6-D8BF-4826-8D9B-68BF10FBFA8B}] => (Allow) D:4\SteamLibrary\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe => No File
FirewallRules: [UDP Query User{47E8F4B0-BB2B-40AD-BB6E-5CCA77D8A3E4}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{CDE836FB-FC06-4BFD-B491-2486DDB4A0BF}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{75EB5888-0FA4-4F6F-8759-01D8EFEE9D1B}] => (Allow) D:\Steam\steamapps\common\GodOfWar\GoW.exe (Santa Monica Studio) [File not signed]
FirewallRules: [{AF66A046-3AF7-4885-ADF8-4051FCBCE91D}] => (Allow) D:\Steam\steamapps\common\GodOfWar\GoW.exe (Santa Monica Studio) [File not signed]
FirewallRules: [UDP Query User{2A9A7C31-7A85-4393-A919-E53AD06464DE}C:\users\josef.tomek\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{0AC5A811-E18F-491E-ADDB-C46C80CAF4F8}C:\users\josef.tomek\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{316A20F8-898D-4B26-B319-999329B0048E}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{4B6F7E45-F250-440A-9C03-F0D859BA1F44}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{B696F236-779F-4AE2-B767-EA95FD1715B1}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [{9DB7E25C-07B0-4FDD-AC77-056DB5E4867F}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red)
FirewallRules: [UDP Query User{D015290B-5B06-464B-8E9F-F7CCAF36EBD2}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{456DB5BD-DFD7-4FF8-8562-903EF96DA48D}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{B7A979FB-99A4-4BC1-B422-6F5281A385CF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6268CBB7-A533-458A-8AB9-6D2711D55472}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF57200A-F447-488C-9C9C-06719ACB6AE0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB00B0E0-97B2-4BDD-816A-E76BD550C08B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5D92A6B7-D54E-4CDC-A149-A04BB770E37E}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F9C2D47E-E25D-4DF0-AEE7-809B1935B3AF}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{7329A517-8B83-4EE3-8F58-12D6B9A195B7}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{60C87B3E-7EE9-4877-A720-2B49AE0CEBA4}] => (Allow) D:\Steam\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{60DECC46-6522-4807-80EE-E5E19B145643}] => (Allow) D:\Steam\steamapps\common\Driver Parallel Lines\DriverParallelLines.exe () [File not signed]
FirewallRules: [{08C867BE-0430-4602-8400-72B0A7432C34}] => (Allow) D:\Steam\steamapps\common\Driver Parallel Lines\DriverParallelLines.exe () [File not signed]
FirewallRules: [UDP Query User{2DAEBCB1-7183-477F-9AF2-F8FDF4943357}D:\games\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\games\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3FD3D73C-A328-4543-8E2B-E17478F5B9E4}D:\games\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\games\epic games\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{DC8BB753-C0BA-43A6-A17B-6ED45B08B8FC}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A9720D8-5B30-4D4C-B662-BF0C53B6D939}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{C3EF6BDC-E8A2-4F0A-B569-7A9DB929639E}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0E2C2398-4E1A-4DE0-88E2-332BEAA2CE88}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{250A6FE8-16CD-4812-A9CB-702F9BBCE71D}D:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8CEBAFE8-EAD6-41A2-ACE2-40AEE0F88087}D:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\games\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{252B7B51-671F-44BA-A979-E1A821E79C07}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88D52A8D-CC89-4AE3-8D86-9C1702539ADC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2777F72-7249-4142-8812-B7B01AF9EF63}] => (Allow) E:\SteamLibrary\steamapps\common\Devour\DEVOUR.exe () [File not signed]
FirewallRules: [{7885DFEB-23F6-4FFF-9D33-47491EA3A1D8}] => (Allow) E:\SteamLibrary\steamapps\common\Devour\DEVOUR.exe () [File not signed]
FirewallRules: [TCP Query User{7F2A994E-D3E6-4BC9-B81F-EBBC992B6D4E}D:\games\epic games\firstclasstrouble\fct\binaries\win64\fctclient-win64-shipping.exe] => (Allow) D:\games\epic games\firstclasstrouble\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [File not signed]
FirewallRules: [UDP Query User{4D409CB9-70DE-488A-A690-E8235134688F}D:\games\epic games\firstclasstrouble\fct\binaries\win64\fctclient-win64-shipping.exe] => (Allow) D:\games\epic games\firstclasstrouble\fct\binaries\win64\fctclient-win64-shipping.exe (Invisible Walls) [File not signed]
FirewallRules: [{10EBA862-0739-4899-9A04-211B008356BE}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{D7560B17-A2BF-4F54-BFF8-92A5CBDA675D}] => (Allow) E:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{54C56500-4C17-45C3-93FB-20E9088E005D}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{25C203E9-DD2E-4AA2-9029-0B793122E368}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{B540E896-B307-472F-A094-80FA610AC610}] => (Allow) D:\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{6B1E784F-12B4-4E45-8C14-96061F7462C6}] => (Allow) D:\Steam\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F6D40EA6-770D-4A2C-8FF5-005BDDA8274F}] => (Allow) E:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{BA016892-098A-4757-A133-CF9C855C5D16}] => (Allow) E:\SteamLibrary\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [TCP Query User{28D06444-8827-4BC2-ACCF-E3614982D7AC}C:\users\josef.tomek\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\josef.tomek\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{9EE1BB7D-DB1F-4668-9929-915A8CB2B337}C:\users\josef.tomek\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\josef.tomek\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{73D473A1-9477-4DB5-A4D3-3C3CA7DDD84C}C:\users\josef.tomek\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\josef.tomek\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{7AA5D414-1AAD-45EA-B820-2460075F3382}C:\users\josef.tomek\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\josef.tomek\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{02F6033D-0695-47AA-B9C6-E20A563C985C}] => (Allow) E:\overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E27B6A73-50C1-47F0-89C8-0DF66302FEAE}] => (Allow) E:\overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8340194B-0C2A-45AA-990C-F283F0D53C3E}] => (Block) E:\overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AAA3D722-5550-4F52-A651-C7C6FE930F76}] => (Block) E:\overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{31CA72D5-DC08-45A2-BCA6-9E5C387FB7FB}] => (Allow) E:\overwolf\0.221.109.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{7A01203F-FD50-4302-B7D4-27DA32B28CD1}] => (Allow) E:\overwolf\0.221.109.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2D4E7740-0CA9-4926-A053-BD5888598928}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CC86850F-2F3F-41EF-B798-1A0AFFED6340}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3690A936-7210-4AFA-8692-EA6216DF4554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DD5BC5F4-E364-40A4-85A5-70AAF1B79EE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F067325-2885-4D3C-AC31-15E07054425F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6703FE2E-740F-43D6-B7FE-9EB58B342D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{03FD5D59-63A6-4B53-A01E-99E86C82D334}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9E78255E-49D3-4095-B755-36DDA2E6846C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B47CE55D-3A28-4076-A738-10C6372EFA56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F3A3069D-2696-40D7-8235-1139FA62E7B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C04EFB8E-071C-40D8-9C45-2358296CD75B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74036D33-AC39-4632-A9DF-7C06B6132C71}] => (Allow) E:\SteamLibrary\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [{1B4FC6D0-2DD2-434D-8200-3BF5DDD6AFF9}] => (Allow) E:\SteamLibrary\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [{66C6EB61-DFC5-4D7D-85FF-586CA1052FDC}] => (Allow) E:\SteamLibrary\steamapps\common\HITMAN 3\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{2A432ACC-6F24-4BEB-9451-732230251979}] => (Allow) E:\SteamLibrary\steamapps\common\HITMAN 3\Launcher.exe (IO INTERACTIVE A/S -> )
FirewallRules: [{A42582B9-7040-4C83-87FA-6C58109C5A80}] => (Allow) E:\SteamLibrary\steamapps\common\DIDE\DeadIslandGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{E6E5BAE8-480B-48C8-9D92-D5A9A11F0BF2}] => (Allow) E:\SteamLibrary\steamapps\common\DIDE\DeadIslandGame.exe (Techland Sp. z o.o. -> Techland)
FirewallRules: [{DCAAA271-34C2-4259-8DD3-8C8551F2D6B0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:56.94 GB) (51%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/08/2023 11:51:08 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x3154
Čas spuštění chybující aplikace: 0x0x1d981f7311dc736
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: e8cba3d2-55ff-41de-ab02-3ca9faa7baac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:41:41 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x23c8
Čas spuštění chybující aplikace: 0x0x1d981e51ca156e8
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: f99f967c-e0af-43fb-8f1f-7705661dbf4a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:41:40 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x1f8c
Čas spuštění chybující aplikace: 0x0x1d981e51b8b594c
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: 13bc1b61-87b0-4a8b-94db-aa261144e0fe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:38:45 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x30b8
Čas spuštění chybující aplikace: 0x0x1d981e4b3589844
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: 026f1eca-e134-4b74-b5a6-e9c4432a19ef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:38:32 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x11c4
Čas spuštění chybující aplikace: 0x0x1d981e4ab92db74
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: d9df3154-795b-41c3-bcc5-826911d57845
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:38:30 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x1528
Čas spuštění chybující aplikace: 0x0x1d981e4aa9c4b71
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: bebb5c64-4534-481b-a8b6-7565f4675ce0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:37:31 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x1910
Čas spuštění chybující aplikace: 0x0x1d981e4875d71ae
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: e5671ca3-6a4b-4f0a-8cd1-c022cc4fa9e9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 09:37:30 PM) (Source: Application Error) (EventID: 1000) (User: TOMEK-PC)
Description: Název chybující aplikace: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Název chybujícího modulu: FACEIT.exe, verze: 1.31.14.0, časové razítko: 0x62a0cec5
Kód výjimky: 0x80000003
Posun chyby: 0x00000000016db32f
ID chybujícího procesu: 0x0x830
Čas spuštění chybující aplikace: 0x0x1d981e4865f5072
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
Cesta k chybujícímu modulu: C:\Users\josef.tomek\AppData\Local\FACEIT\app-1.31.14\FACEIT.exe
ID zprávy: 16fc3b95-86cd-40a0-bc23-299256f296a7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/10/2023 02:08:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240035): 2023-05 Kumulativní aktualizace pro Windows 11 Version 22H2 pro systémy typu x64 (KB5026372).

Error: (05/09/2023 04:15:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/09/2023 04:15:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (05/08/2023 09:39:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (05/08/2023 09:39:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/07/2023 07:39:49 PM) (Source: DCOM) (EventID: 10010) (User: TOMEK-PC)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/05/2023 09:03:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (05/04/2023 03:26:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2023-05-12 23:01:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\josef.tomek\AppData\Local\Temp\Rar$EXb15332.24806\Setup.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: TOMEK-PC\josef.tomek
Název procesu: C:\Users\josef.tomek\WinRAR.exe
Verze bezpečnostních informací: AV: 1.389.1036.0, AS: 1.389.1036.0, NIS: 1.389.1036.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-12 14:38:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE12D3FB-0A10-4525-980B-441083604F9C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-10 16:37:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {50CE2FF3-64C4-41B1-BC2E-09ED083D2BE2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-09 23:26:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F5BD9229-B264-4F06-BCD4-BC49E927615F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-08 17:15:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F32291B7-6FBD-4C0B-8CA6-AF713EF0A6F1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-02-17 17:43:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.60.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072f8f
Popis chyby: Došlo k chybě zabezpečení.

CodeIntegrity:
===============
Date: 2023-05-04 15:26:50
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.Q7 07/17/2022
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 5500
Percentage of memory in use: 35%
Total physical RAM: 16277.1 MB
Available physical RAM: 10499.43 MB
Total Virtual: 17301.1 MB
Available Virtual: 9635 MB

==================== Drives ================================

Drive c: (Windows 10 Pro) (Fixed) (Total:111.19 GB) (Free:56.94 GB) (Model: KINGSTON SA400S37120G) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:450.67 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: (HDD 2) (Fixed) (Total:1863 GB) (Free:1423.77 GB) (Model: ST2000DM008-2UB102) NTFS

\\?\Volume{b7f65ad0-a3a9-4cd2-8dfc-6d507bc64c65}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{39748896-df0e-43d3-a2b0-a6e90382baec}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: C66A33DA)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15215
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive Check

#2 Post by JaRon »

Hi,
scan the PC with MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Joskyc
Visitor
Posts: 3
Joined: 12 May 2023 22:24

Re: Preventive Check

#3 Post by Joskyc »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 13.05.23
Čas skenování: 19:51
Logovací soubor: baf7a7d6-f1b6-11ed-80f8-309c23624273.json

-Informace o softwaru-
Verze: 4.5.24.248
Verze komponentů: 1.0.1952
Aktualizovat verzi balíku komponent: 1.0.69431
Licence: Zkušební

-Systémová informace-
OS: Windows 11 (Build 22621.1702)
CPU: x64
Systém souborů: NTFS
Uživatel: TOMEK-PC\josef.tomek

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 712487
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 3 hod, 10 min, 10 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

JaRon
Moderator
Posts: 15215
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive Check

#4 Post by JaRon »

1. Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\josef.tomek\AppData\Local\Temp\Rar$EXb15332.24806\Setup.exe
Has this file already been deleted? If not, delete it.
2. The Faceit application is throwing errors - uninstall or reinstall it
3. From the command line, run
sfc /scannow

Joskyc
Visitor
Posts: 3
Joined: 12 May 2023 22:24

Re: Preventive Check

#5 Post by Joskyc »

CBS LOG.rar
(13.5 KiB) Downloaded 30 times

JaRon
Moderator
Posts: 15215
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive Check

#6 Post by JaRon »

As long as there are no problems, OK