Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o Preventivku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Prosím o Preventivku

#1 Příspěvek od jsktmk »

Dobrý den, poprosil bych o preventivní kontrolu PC.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2021
Ran by josef.tomek (administrator) on TOMEK-PC (Micro-Star International Co., Ltd. MS-7A34) (12-08-2021 22:29:55)
Running from D:\Downloads
Loaded Profiles: josef.tomek
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [1] 1.exe
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [2] irsetup.exe
HKLM\...\Windows x64\Print Processors\LogMeIn Print Processor: C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll [60416 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\LogMeIn Printer Port Monitor: C:\Windows\system32\LMIport.dll [35328 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\GXSetup.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\Custom\Rayman2.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb [2011-03-17]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\92.0.11264.134\Installer\chrmstp.exe [2021-08-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2020-05-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Startup: C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2018-10-02]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> D:\XTREME GAMING ENGINE\autorun.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F931A7-53FB-480E-8961-6AFF4EB69C7E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2287472 2021-08-03] (Piriform Software Ltd -> Piriform Software)
Task: {151F17B0-6C99-4935-BEB0-6EA4716B24CF} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {1A5E1F78-801E-431E-8948-6548960F36FA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1B17C3CA-8ADB-4CE1-B5F0-0D9368E45518} - System32\Tasks\Opera scheduled assistant Autoupdate 1582725469 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\josef.tomek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2AAC00DC-84AA-464C-BB8C-0B58E8DD302C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D1F1153-FFC8-4B9E-8D01-418B04FB31C0} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {311240D7-8463-42C1-A848-908D815AEEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {590854D4-F497-4028-9BE0-BE4FFE14D60B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ECAB301-B478-490A-84C0-5A725E2BCBBE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {793EE2E1-AA87-4F46-8898-B752940727F7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79A9F6A7-F4C7-48B8-8119-B4555233FE42} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7ACA6E36-F635-4C43-9975-EF5399131AA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D9C328F-CA5B-46A4-BF93-923AE98BD9D4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {8C76EF1F-A2FA-408C-9DD1-77C9A8550496} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96F1ECEE-43CF-4C2C-BD25-AC54AD49EEE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9847E2EE-DB9D-4678-910F-7EABF7667AAB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2317344584-338335979-3697871285-500 => C:\Users\josef.tomek\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {985BE318-527E-46D1-A54B-8FD0ADA020D5} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2287472 2021-08-03] (Piriform Software Ltd -> Piriform Software)
Task: {9F53D1CE-9E07-4B9C-BC23-F8547478C204} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8D76F95-3072-4994-BF85-BE3BD83B8079} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF8DEE2D-A59C-4D87-AED6-2744FBC12332} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B69AEE43-1072-4F29-9D5B-F0FDDE62B58B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7D2C4E3-BF81-431D-9BAC-CBC35CAD4CBA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BFB1198F-9947-4073-96DE-7F65EABF2982} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5F0127D-C04C-453E-AF78-C3F042BC5E3C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA1F09E6-3095-420A-8900-820FD1C907C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFA0632-9EDE-481C-AA11-5F47390E358C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E42C4F47-FFD9-422E-A4C1-A195474304FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {EFBE24DA-07BC-4B26-94A2-6BADE8CFBEB2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F352E3EE-1F2D-4B68-8E57-92F76AFAA168} - System32\Tasks\Opera scheduled Autoupdate 1550496882 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {FA40F41F-9F62-4028-AA00-7B6613E23FF8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0bfbe3c0-262b-4006-9f83-a8c30be782ca}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{39042313-b12b-4806-bdf6-42a082645fa1}: [DhcpNameServer] 10.107.4.100 10.107.4.129

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\josef.tomek\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-12]

FireFox:
========
FF DefaultProfile: 8kavqy3r.default
FF ProfilePath: C:\Users\josef.tomek\AppData\Roaming\Mozilla\Firefox\Profiles\8kavqy3r.default [2021-08-12]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default [2021-08-12]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://cs66.divokekmeny.cz; hxxps://cs70.divokekmeny.cz; hxxps://cz.pinterest.com; hxxps://golive.im; hxxps://meet.google.com; hxxps://tabletopia.com; hxxps://teams.microsoft.com; hxxps://www.divokekmeny.cz; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-01]
CHR Extension: (Dokumenty) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-01]
CHR Extension: (Disk Google) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-01]
CHR Extension: (Watch2Gether) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-06-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-12]

Opera:
=======
OPR Profile: C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable [2021-08-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-02]

Brave:
=======
BRA Profile: C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-08-12]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-07-21]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-07-13]
BRA Extension: (PDF Viewer) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-07-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\92.0.11264.134\elevation_service.exe [1419240 2021-08-03] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; C:\Program Files\FACEIT AC\FACEITService.exe [25942472 2021-08-03] (FACE IT LIMITED -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-01-29] (Mixbyte Inc -> Freemake)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [6181600 2020-08-19] (Thales DIS CPL USA, Inc. -> Thales Group)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10147296 2021-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-04-02] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 esgiguard; D:\SpyHunter4\SpyHunter\App\SpyHunter\esgiguard.sys [15920 2016-05-19] (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8241992 2021-06-22] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-05-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-12 22:28 - 2021-08-12 22:30 - 000000000 ____D C:\FRST
2021-08-12 22:11 - 2021-08-12 22:11 - 000055818 _____ C:\Users\josef.tomek\Desktop\cc_20210812_221149.reg
2021-08-11 11:55 - 2021-08-11 11:55 - 000000000 ___HD C:\$WinREAgent
2021-08-05 21:49 - 2021-08-05 21:49 - 000000000 ____D C:\Users\josef.tomek\Documents\Assassin's Creed IV Black Flag
2021-08-05 21:47 - 2021-08-05 21:47 - 000000826 _____ C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
2021-08-05 21:47 - 2021-08-05 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag
2021-08-05 21:36 - 2021-08-05 21:36 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Setup Integrity Check
2021-07-22 15:12 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\LocalLow\Sage_gg s_r_o_
2021-07-22 15:12 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\LocalLow\Sage.gg s.r.o_
2021-07-22 15:08 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\GitGut
2021-07-22 15:08 - 2021-07-22 15:08 - 000000370 _____ C:\Users\josef.tomek\Desktop\GitGut.ai.appref-ms
2021-07-22 15:08 - 2021-07-22 15:08 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sage.gg s.r.o
2021-07-16 13:24 - 2021-07-16 13:24 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 13:24 - 2021-07-16 13:24 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-16 13:24 - 2021-07-16 13:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-12 22:30 - 2020-10-31 01:47 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-12 22:30 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-12 22:30 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-12 22:30 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-12 22:27 - 2020-06-06 19:50 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-12 22:27 - 2020-06-06 19:50 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-12 22:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-12 22:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-12 22:26 - 2020-06-19 19:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-12 22:25 - 2019-04-10 16:09 - 000000000 ____D C:\Program Files\CCleaner
2021-08-12 22:25 - 2018-10-01 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-12 22:23 - 2020-10-31 01:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-12 22:23 - 2020-10-31 01:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-12 22:23 - 2018-10-23 14:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-12 22:23 - 2018-10-01 16:12 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-12 22:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 22:20 - 2018-10-01 18:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\CrashDumps
2021-08-12 22:17 - 2018-11-12 19:48 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\discord
2021-08-12 22:17 - 2018-11-12 19:48 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Discord
2021-08-12 22:16 - 2020-06-03 21:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-08-12 22:15 - 2021-02-06 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2021-08-12 22:15 - 2020-10-31 01:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-08-12 22:15 - 2020-09-21 18:06 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\JetBrains
2021-08-12 22:15 - 2018-12-13 18:37 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-08-12 22:15 - 2018-10-01 16:24 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Packages
2021-08-12 22:14 - 2019-05-21 16:31 - 000000000 ____D C:\Program Files\FACEIT AC
2021-08-12 22:13 - 2020-06-03 22:57 - 000000000 ____D C:\Program Files\IIS Express
2021-08-12 22:13 - 2020-06-03 22:57 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-08-12 22:13 - 2018-12-13 18:37 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-08-12 22:12 - 2020-06-03 21:46 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Visual Studio Setup
2021-08-12 22:12 - 2019-08-12 17:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2021-08-12 22:12 - 2019-08-12 17:00 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\FACEITApp
2021-08-12 22:12 - 2019-05-21 16:31 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\FACEIT
2021-08-12 22:11 - 2020-09-13 16:43 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Spotify
2021-08-12 21:49 - 2020-09-13 16:42 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Spotify
2021-08-12 21:15 - 2020-10-31 01:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-12 17:34 - 2021-06-08 19:58 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-08-12 17:34 - 2021-06-08 19:58 - 000002366 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2021-08-12 17:34 - 2021-06-08 19:58 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-08-12 16:23 - 2019-02-26 20:24 - 000000000 ____D C:\ProgramData\Riot Games
2021-08-12 12:00 - 2021-06-03 22:44 - 000000032 _____ C:\Users\josef.tomek\AppData\Roaming\.machineId
2021-08-11 21:36 - 2021-07-09 11:30 - 000004478 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582725469
2021-08-05 21:49 - 2018-10-01 16:36 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\D3DSCache
2021-08-05 10:04 - 2020-10-04 17:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-05 09:59 - 2020-10-31 01:50 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 09:59 - 2020-10-31 01:50 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 11:21 - 2018-10-01 15:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-04 11:12 - 2018-10-01 16:46 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 11:12 - 2018-10-01 16:46 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-31 15:20 - 2020-10-31 01:58 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6af166b8e5672
2021-07-31 15:20 - 2020-10-31 01:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-27 14:35 - 2021-04-23 14:28 - 000001507 _____ C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-07-27 14:35 - 2020-10-31 01:50 - 000004212 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550496882
2021-07-26 11:58 - 2020-06-22 22:17 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\blitz-updater
2021-07-26 11:57 - 2020-11-23 17:44 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Deployment
2021-07-21 13:22 - 2020-10-31 01:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-18 11:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-17 00:10 - 2020-10-31 01:37 - 000435904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-17 00:08 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 13:16 - 2018-10-01 16:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 13:14 - 2018-10-01 16:36 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 09:45 - 2020-10-04 17:36 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2020-10-04 17:36 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 01:44 - 2020-10-31 01:39 - 000000000 ____D C:\Users\josef.tomek
2021-07-13 21:59 - 2018-11-12 19:48 - 000002271 _____ C:\Users\josef.tomek\Desktop\Discord.lnk

==================== Files in the root of some directories ========

2021-06-03 22:44 - 2021-08-12 12:00 - 000000032 _____ () C:\Users\josef.tomek\AppData\Roaming\.machineId
2021-02-07 19:53 - 2021-02-07 19:53 - 000000064 _____ () C:\Users\josef.tomek\AppData\Roaming\changzhi_leidian.data
2020-10-17 22:41 - 2020-10-28 19:35 - 000004665 _____ () C:\Users\josef.tomek\AppData\Roaming\VoiceMeeterDefault.xml
2021-02-03 12:26 - 2021-02-03 12:26 - 000002004 _____ () C:\Users\josef.tomek\AppData\Local\recently-used.xbel
2020-02-13 20:05 - 2020-02-13 20:05 - 000000017 _____ () C:\Users\josef.tomek\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021
Ran by josef.tomek (12-08-2021 22:31:02)
Running from D:\Downloads
Windows 10 Pro Version 21H1 19043.1110 (X64) (2020-10-30 23:50:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2317344584-338335979-3697871285-1001 - Administrator - Disabled) => C:\Users\Admin
Administrator (S-1-5-21-2317344584-338335979-3697871285-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2317344584-338335979-3697871285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2317344584-338335979-3697871285-1000 - Limited - Disabled)
Guest (S-1-5-21-2317344584-338335979-3697871285-501 - Limited - Disabled)
josef.tomek (S-1-5-21-2317344584-338335979-3697871285-1002 - Administrator - Enabled) => C:\Users\josef.tomek
WDAGUtilityAccount (S-1-5-21-2317344584-338335979-3697871285-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.02.0.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 92.0.11264.134 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GitGut.ai (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\b32e79ee6fc1dfdf) (Version: 0.9.0.30 - Sage.gg s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-500\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 77.0.4054.277 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software)
Rayman 2: The Great Escape GOG Edition (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version: - )
Rayman 3 1.0 (HKLM-x32\...\Rayman 3_is1) (Version: - )
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Spotify (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Spotify) (Version: 1.1.65.643.g2d707698 - Spotify AB)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WinRAR 5.11 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.41531.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2317344584-338335979-3697871285-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\josef.tomek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\
HKU\S-1-5-21-2317344584-338335979-3697871285-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\josef.tomek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\b22c96d8ee01f9e5bd7304cb2509393d.jpeg
HKU\S-1-5-21-2317344584-338335979-3697871285-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62F9457B-9E9E-492D-9CFC-23D147C4AC85}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Thales DIS CPL USA, Inc. -> Thales Group)
FirewallRules: [{31BBB547-9B06-4452-8858-8844490BAE1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB3BEF0D-0A41-4188-B926-4956FC73AFF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B89BFC93-6B40-4D9C-9D68-0B209DC15B9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A9E17D2-F27C-4F0E-B854-95C93BB77ACC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{336E8066-CE45-485F-B367-A0AA8918851E}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
FirewallRules: [TCP Query User{EF9D3B5A-6419-4772-9147-325CAE791F95}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
FirewallRules: [UDP Query User{75C60632-3314-4CE7-B1F3-2492F48A285C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{02CE7997-F4FC-4EB2-82DF-3DCE7A84BB1C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8ED0C72D-DA75-4F71-A0BE-B6C314A5E7D5}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{C6CC7E72-14F9-4FF4-9FAB-EBAFF08A1725}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [{A80FBBD3-43E0-4C4F-92D3-7BDAB4F49B72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839B9FCF-AD23-48A3-A23E-D9BC448980E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14C54888-55E1-43DA-8477-5F22D0A62761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A627E39A-7FE9-41CE-A14B-07B9F3612BE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{31B101C3-7CE3-4377-9CE0-F28AED2EFBEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C3CE40A-1DBE-42BB-B09E-7EDC65355608}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D8042BF-A9B1-4F61-AA9E-ACF4B0E76F35}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFEC4D7F-064A-4058-896E-BD5C1AB848ED}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EC068911-C8D4-464F-BAD2-E71D6F82F4F2}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F258053-7694-491F-ADFE-E650B3FB61F9}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4A9EE9B7-1A2C-495C-AD61-C56E66E0FEC6}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{80E3CE13-F48B-4353-925C-164A3949AA60}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [{68D666F4-DEB0-4E16-9AAC-14738AB84BB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F9A15747-C756-450C-A4B7-89DB14DFE638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{94EC5158-D328-4FDC-9D28-374B2421ECF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8416B311-D3EC-450E-B353-F2C6E79D20D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{9E28572D-B632-4720-ACB4-0B6D6C5B2F48}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{33E2BE81-E6FE-4CC2-A255-C87F8A14ADB6}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{2A879778-F867-4BC0-871F-FFF1B951693A}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{F1158047-D30B-4031-96D5-DCF1A01DB88B}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{987319EA-6C5E-43D3-BC01-F33D75CDFC37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [TCP Query User{A16B57FF-81B7-46BD-AE84-D13F46E187D6}D:\games\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{2E11076C-8A4E-4838-AB02-F0506DCDDBE7}D:\games\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{2E1425DC-5F73-4359-8795-5A78F79A9B22}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B7014848-BACC-40C2-AEEA-1DE4388C4F76}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3E488B0D-3DA4-4C1E-8FE1-FCC5503D34D3}] => (Allow) D:\Steam\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [{D455BFAC-414B-40AE-A9A5-7A730C69D12A}] => (Allow) D:\Steam\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [TCP Query User{E3D1AFF7-6589-4CA9-9FF6-7F24FA21BFCD}C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{70EF502A-C7E6-4B5A-9D1A-E879317B5BDA}C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04CE87D9-B189-435A-9C19-375F9EE9C29D}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{03B606CB-4CED-47B8-B53C-D2B7147EA6CA}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{BE267A5F-C7AD-4B7B-A795-E5A6E8B144ED}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{2476D8F9-EB1A-424B-B869-DA56DD951899}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{DCBC8EE8-5171-4B3A-AB2C-8E18E2E63115}D:\games\stronghold crusader\stronghold crusader.exe] => (Allow) D:\games\stronghold crusader\stronghold crusader.exe () [File not signed]
FirewallRules: [UDP Query User{6E819466-5BBD-4523-81D6-BD9009397D36}D:\games\stronghold crusader\stronghold crusader.exe] => (Allow) D:\games\stronghold crusader\stronghold crusader.exe () [File not signed]
FirewallRules: [TCP Query User{B777C044-E456-44FD-B20F-AA6FCE359A02}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4CD5681C-C827-4DF1-BA63-5C24F8147CC3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{581D09F5-6BD0-42C8-87B6-F3F2584C6ADE}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{81537650-1088-498B-9754-CE7B41A29476}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{7A39D53C-BA75-4CEE-A62F-67977A33442A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C6A0548F-3D8C-4455-8B7D-2FA0D1B38732}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{8734A9D8-3FB6-4CF1-B19D-77A68AA7057A}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{4992BE24-9805-40DE-A7B1-3C86A90D395A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D75931E2-9B0B-44EC-B78B-00AAD0B8C32D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23FE6ADF-F152-42E8-A9D2-C0CF1215C898}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{061C8263-E018-41A5-9F10-44F23D73C3AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7D105F6-445C-4ACE-ACD9-D4641EBD8F32}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:53.35 GB) (48%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/12/2021 10:23:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x6013e0fe
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1110, časové razítko: 0xc830c52d
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b4b2
ID chybujícího procesu: 0xf2c
Čas spuštění chybující aplikace: 0x01d78fb7e600ed90
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c67b0c2b-3ccc-4b64-81e3-d6837c245e15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/12/2021 10:23:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (08/12/2021 10:20:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vgtray.exe, verze: 1.8.1.246, časové razítko: 0x60d2249f
Název chybujícího modulu: vgtray.exe, verze: 1.8.1.246, časové razítko: 0x60d2249f
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000070114
ID chybujícího procesu: 0x1bc0
Čas spuštění chybující aplikace: 0x01d78f60e7ae3c3d
Cesta k chybující aplikaci: C:\Program Files\Riot Vanguard\vgtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Riot Vanguard\vgtray.exe
ID zprávy: 07a41d29-92b1-4a5d-9852-e039f798b4d2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/12/2021 12:03:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/12/2021 12:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blitz.exe, verze: 1.15.28.466, časové razítko: 0x60fef721
Název chybujícího modulu: blitz_core.node, verze: 0.0.0.0, časové razítko: 0x6113b46f
Kód výjimky: 0xc0000409
Posun chyby: 0x00040dcb
ID chybujícího procesu: 0x1870
Čas spuštění chybující aplikace: 0x01d78f60e8ac06a6
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe
Cesta k chybujícímu modulu: \\?\C:\Users\josef.tomek\AppData\Roaming\Blitz\blitz-deps\1.15.28\blitz_core.node
ID zprávy: 0765b326-dcf0-4b3b-adb5-a6ac20d83684
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2021 11:54:14 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/10/2021 11:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blitz.exe, verze: 1.15.27.394, časové razítko: 0x60fef721
Název chybujícího modulu: blitz_core.node, verze: 0.0.0.0, časové razítko: 0x610a1436
Kód výjimky: 0xc0000409
Posun chyby: 0x00040d4b
ID chybujícího procesu: 0x26b4
Čas spuštění chybující aplikace: 0x01d78dc45f11c487
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe
Cesta k chybujícímu modulu: \\?\C:\Users\josef.tomek\AppData\Roaming\Blitz\blitz-deps\1.15.27\blitz_core.node
ID zprávy: 45be91b6-fa52-4a5f-905c-a7572a838f2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/10/2021 10:50:21 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/12/2021 10:27:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {CECDDD22-2E72-4832-9606-A9B0E5E344B2} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/12/2021 10:23:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/12/2021 10:23:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (08/12/2021 10:11:10 PM) (Source: DCOM) (EventID: 10000) (User: TOMEK-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-11 12:18:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8CB2BCBB-3E9F-47ED-B17B-5284B49A15B4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-10 12:11:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {44555551-1835-4D47-B964-63DDC9CDBC8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 12:39:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {702228B1-71A3-4475-A809-F6BDD676B928}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 14:39:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {209EE9E8-31B9-4F14-854E-341223BB8415}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-07 15:17:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12DAF0C5-08A0-4CC0-AF3E-8A889BF27D18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-06-23 20:17:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.173.0.14\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-06 10:37:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.169.0.24\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-06 09:50:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.169.0.22\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.80 09/13/2017
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1500X Quad-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 8147.55 MB
Available physical RAM: 4671.75 MB
Total Virtual: 11731.55 MB
Available Virtual: 7039.4 MB

==================== Drives ================================

Drive c: (Windows 10 Pro) (Fixed) (Total:111.19 GB) (Free:53.35 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:535.62 GB) NTFS

\\?\Volume{b7f65ad0-a3a9-4cd2-8dfc-6d507bc64c65}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{39748896-df0e-43d3-a2b0-a6e90382baec}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15364
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o Preventivku

#2 Příspěvek od JaRon »

ahoj,
1. prescanuj PC s MBAM
2. spust s prikazoveho riadku ako spravca sfc/scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Re: Prosím o Preventivku

#3 Příspěvek od jsktmk »

2021-08-13 00:23:27, Info CBS TI: --- Initializing Trusted Installer ---
2021-08-13 00:23:27, Info CBS TI: Last boot time: 2021-08-12 22:23:08.500
2021-08-13 00:23:27, Info CBS Starting TrustedInstaller initialization.
2021-08-13 00:23:27, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2021-08-13 00:23:27, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2021-08-13 00:23:27, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 00:23:27, Info CBS Ending TrustedInstaller initialization.
2021-08-13 00:23:27, Info CBS Starting the TrustedInstaller main loop.
2021-08-13 00:23:27, Info CBS TrustedInstaller service starts successfully.
2021-08-13 00:23:27, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2021-08-13 00:23:27, Info CBS Startup processing thread terminated normally
2021-08-13 00:23:27, Info CBS TI: Startup Processing completes, release startup processing lock.
2021-08-13 00:23:27, Info CBS Starting TiWorker initialization.
2021-08-13 00:23:27, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2021-08-13 00:23:27, Info CBS Ending TiWorker initialization.
2021-08-13 00:23:27, Info CBS Starting the TiWorker main loop.
2021-08-13 00:23:27, Info CBS TiWorker starts successfully.
2021-08-13 00:23:27, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2021-08-13 00:23:27, Info CBS Universal Time is: 2021-08-12 22:23:27.564
2021-08-13 00:23:27, Info CBS Loaded Servicing Stack v10.0.19041.1081 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\cbscore.dll
2021-08-13 00:23:27, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2021-08-13 00:23:27, Info CSI 00000001@2021/8/12:22:23:27.594 WcpInitialize: wcp.dll version 10.0.19041.1081 (WinBuild.160101.0800)
2021-08-13 00:23:27, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2021-08-13 00:23:27, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 00:23:27, Info CBS NonStart: Set pending store consistency check.
2021-08-13 00:23:27, Info CBS Session: 30904264_2889171015 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2021-08-13 00:23:27, Info CBS Session: 30904264_2889171016 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2021-08-13 00:23:27, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:27, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:27, Info CBS Package Format: PSFX
2021-08-13 00:23:27, Info CBS Appl:LCU package and revision compare set to explicit
2021-08-13 00:23:27, Info CBS Package Format: PSFX
2021-08-13 00:23:27, Info CBS Session: 30904264_2892847876 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2021-08-13 00:23:28, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:28, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:28, Info CBS Package Format: PSFX
2021-08-13 00:23:28, Info CBS Appl:LCU package and revision compare set to explicit
2021-08-13 00:23:28, Info CBS Package Format: PSFX
2021-08-13 00:23:28, Info CBS Session: 30904264_2894661058 initialized by client LanguageSettings, external staging directory: (null), external registry directory: (null)
2021-08-13 00:23:28, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:28, Info CBS Appl:Feature On Demand package without explicit comparator, using GE on build version
2021-08-13 00:23:28, Info CBS Package Format: PSFX
2021-08-13 00:23:28, Info CBS Appl:LCU package and revision compare set to explicit
2021-08-13 00:23:28, Info CBS Package Format: PSFX
2021-08-13 00:25:29, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2021-08-13 00:25:29, Info CBS TiWorker signaled for shutdown, going to exit.
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 00:25:29, Info CBS Execution Engine Finalize
2021-08-13 00:25:29, Info CBS Execution Engine Finalize
2021-08-13 00:25:29, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2021-08-13 00:25:29, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2021-08-13 00:25:29, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2021-08-13 00:25:29, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2021-08-13 00:25:29, Info CBS Ending the TiWorker main loop.
2021-08-13 00:25:29, Info CBS Starting TiWorker finalization.
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 00:25:29, Info CBS CBS Engine already deactivated
2021-08-13 00:25:29, Info CBS CBS Engine already deactivated
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CoreResourcesUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: SessionManagerFinalize
2021-08-13 00:25:29, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 00:25:29, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: WcpUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: DrupUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CfgMgr32Unload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: DpxUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: SrUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CbsEsdUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: CbsEventUnregister
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: AppContainerUnload
2021-08-13 00:25:29, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2021-08-13 00:25:29, Info CBS Ending TiWorker finalization.
2021-08-13 00:25:29, Info CBS Ending the TrustedInstaller main loop.
2021-08-13 00:25:29, Info CBS Starting TrustedInstaller finalization.
2021-08-13 00:25:29, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 00:25:29, Info CBS Ending TrustedInstaller finalization.
2021-08-13 00:28:26, Info CBS TI: --- Initializing Trusted Installer ---
2021-08-13 00:28:26, Info CBS TI: Last boot time: 2021-08-12 22:23:08.500
2021-08-13 00:28:26, Info CBS Starting TrustedInstaller initialization.
2021-08-13 00:28:26, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2021-08-13 00:28:26, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2021-08-13 00:28:26, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 00:28:26, Info CBS Ending TrustedInstaller initialization.
2021-08-13 00:28:26, Info CBS Starting the TrustedInstaller main loop.
2021-08-13 00:28:26, Info CBS TrustedInstaller service starts successfully.
2021-08-13 00:28:26, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2021-08-13 00:28:26, Info CBS Startup processing thread terminated normally
2021-08-13 00:28:26, Info CBS TI: Startup Processing completes, release startup processing lock.
2021-08-13 00:28:26, Info CBS Starting TiWorker initialization.
2021-08-13 00:28:26, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2021-08-13 00:28:26, Info CBS Ending TiWorker initialization.
2021-08-13 00:28:26, Info CBS Starting the TiWorker main loop.
2021-08-13 00:28:26, Info CBS TiWorker starts successfully.
2021-08-13 00:28:26, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2021-08-13 00:28:26, Info CBS Universal Time is: 2021-08-12 22:28:26.058
2021-08-13 00:28:26, Info CBS Loaded Servicing Stack v10.0.19041.1081 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\cbscore.dll
2021-08-13 00:28:26, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2021-08-13 00:28:26, Info CSI 00000001@2021/8/12:22:28:26.060 WcpInitialize: wcp.dll version 10.0.19041.1081 (WinBuild.160101.0800)
2021-08-13 00:28:26, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2021-08-13 00:28:26, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 00:28:26, Info CBS NonStart: Set pending store consistency check.
2021-08-13 00:28:26, Info CBS Session: 30904265_1578745422 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2021-08-13 00:28:26, Info CBS InternalOpenPackage failed for Package_for_KB3025096~31bf3856ad364e35~amd64~~6.4.1.0 [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2021-08-13 00:28:26, Info CBS Session: 30904265_1578774609 initialized by client WindowsUpdateAgent, external staging directory: (null), external registry directory: (null)
2021-08-13 00:28:26, Info CBS InternalOpenPackage failed for Package_for_KB3025096~31bf3856ad364e35~x86~~6.4.1.0 [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to internally open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to create open package. [HRESULT = 0x800f0805 - CBS_E_INVALID_PACKAGE]
2021-08-13 00:28:26, Info CBS Failed to OpenPackage using worker session [HRESULT = 0x800f0805]
2021-08-13 00:28:27, Info CBS WU creates the package, AppID:MoUpdateOrchestrator, UpdateID:{33D6CF13-224E-459B-AD4F-AF8C5E3CC469}, revision: 202
2021-08-13 00:28:27, Info CBS Read out cached applicability from TiLight for package: Mapping_Package_for_KB3089226_af-ZA_amd64~31bf3856ad364e35~amd64~~10.0.10240.0, ApplicableState: 0, CurrentState:0
2021-08-13 00:28:27, Info CBS WU creates the package, AppID:MoUpdateOrchestrator, UpdateID:{1103CC99-E96C-4F7C-885C-A67A975ECBEE}, revision: 200
2021-08-13 00:28:27, Info CBS Read out cached applicability from TiLight for package: Package_for_DotNetRollup~31bf3856ad364e35~amd64~~10.0.4400.1, ApplicableState: 112, CurrentState:0
2021-08-13 00:28:27, Info CBS WU creates the package, AppID:MoUpdateOrchestrator, UpdateID:{E9E3D40F-558A-4478-B125-A2B18B25662D}, revision: 201
2021-08-13 00:28:27, Info CBS Read out cached applicability from TiLight for package: Package_for_DotNetRollup~31bf3856ad364e35~amd64~~10.0.4400.1, ApplicableState: 112, CurrentState:0
2021-08-13 00:28:27, Info CBS WU creates the package, AppID:MoUpdateOrchestrator, UpdateID:{6A8E4C43-E87D-4868-BB75-175A18282B0E}, revision: 200
2021-08-13 00:28:27, Info CBS Read out cached applicability from TiLight for package: Package_for_DotNetRollup~31bf3856ad364e35~amd64~~10.0.4390.1, ApplicableState: 112, CurrentState:112
2021-08-13 00:28:27, Info CBS WU creates the package, AppID:MoUpdateOrchestrator, UpdateID:{33238534-6440-4232-9A18-E7A602E51BE6}, revision: 201
2021-08-13 00:28:27, Info CBS Read out cached applicability from TiLight for package: Package_for_KB3064238~31bf3856ad364e35~amd64~~10.0.1.2, ApplicableState: 0, CurrentState:0
2021-08-13 00:30:28, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2021-08-13 00:30:28, Info CBS TiWorker signaled for shutdown, going to exit.
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 00:30:28, Info CBS Execution Engine Finalize
2021-08-13 00:30:28, Info CBS Execution Engine Finalize
2021-08-13 00:30:28, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2021-08-13 00:30:28, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2021-08-13 00:30:28, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2021-08-13 00:30:28, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2021-08-13 00:30:28, Info CBS Ending the TiWorker main loop.
2021-08-13 00:30:28, Info CBS Starting TiWorker finalization.
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 00:30:28, Info CBS CBS Engine already deactivated
2021-08-13 00:30:28, Info CBS CBS Engine already deactivated
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CoreResourcesUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: SessionManagerFinalize
2021-08-13 00:30:28, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 00:30:28, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: WcpUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: DrupUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CfgMgr32Unload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: DpxUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: SrUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CbsEsdUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: CbsEventUnregister
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: AppContainerUnload
2021-08-13 00:30:28, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2021-08-13 00:30:28, Info CBS Ending TiWorker finalization.
2021-08-13 00:30:28, Info CBS Ending the TrustedInstaller main loop.
2021-08-13 00:30:28, Info CBS Starting TrustedInstaller finalization.
2021-08-13 00:30:28, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 00:30:28, Info CBS Ending TrustedInstaller finalization.
2021-08-13 10:55:49, Info CBS TI: --- Initializing Trusted Installer ---
2021-08-13 10:55:49, Info CBS TI: Last boot time: 2021-08-12 22:23:08.500
2021-08-13 10:55:49, Info CBS Starting TrustedInstaller initialization.
2021-08-13 10:55:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:4
2021-08-13 10:55:49, Info CBS Lock: New lock added: CCbsPublicSessionClassFactory, level: 30, total lock:5
2021-08-13 10:55:49, Info CBS Lock: New lock added: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 10:55:49, Info CBS Ending TrustedInstaller initialization.
2021-08-13 10:55:49, Info CBS Starting the TrustedInstaller main loop.
2021-08-13 10:55:49, Info CBS TrustedInstaller service starts successfully.
2021-08-13 10:55:49, Info CBS No startup processing required, TrustedInstaller service was not set as autostart
2021-08-13 10:55:49, Info CBS Startup processing thread terminated normally
2021-08-13 10:55:49, Info CBS TI: Startup Processing completes, release startup processing lock.
2021-08-13 10:55:50, Info CBS Starting TiWorker initialization.
2021-08-13 10:55:50, Info CBS Lock: New lock added: TiWorkerClassFactory, level: 30, total lock:2
2021-08-13 10:55:50, Info CBS Ending TiWorker initialization.
2021-08-13 10:55:50, Info CBS Starting the TiWorker main loop.
2021-08-13 10:55:50, Info CBS TiWorker starts successfully.
2021-08-13 10:55:50, Info CBS Lock: New lock added: CCbsWorker, level: 5, total lock:3
2021-08-13 10:55:50, Info CBS TiWorker: Client requests SFP repair object.
2021-08-13 10:55:50, Info CBS Universal Time is: 2021-08-13 08:55:50.702
2021-08-13 10:55:50, Info CBS Loaded Servicing Stack v10.0.19041.1081 with Core: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\cbscore.dll
2021-08-13 10:55:50, Info CBS Build: 19041.1.amd64fre.vb_release.191206-1406
2021-08-13 10:55:50, Info CSI 00000001@2021/8/13:08:55:50.705 WcpInitialize: wcp.dll version 10.0.19041.1081 (WinBuild.160101.0800)
2021-08-13 10:55:50, Info CBS Lock: New lock added: CCbsSessionManager, level: 11, total lock:9
2021-08-13 10:55:50, Info CBS Lock: New lock added: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 10:55:50, Info CBS NonStart: Set pending store consistency check.
2021-08-13 10:55:50, Info CSI 00000002@2021/8/13:08:55:50.714 WcpInitialize: wcp.dll version 10.0.19041.1081 (WinBuild.160101.0800)
2021-08-13 10:55:51, Info CSI 00000003 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xe8e9c7dd10
2021-08-13 10:55:51, Info CSI 00000004 Poqexec successfully registered in [l:12 ml:13]'SetupExecute'
2021-08-13 10:55:51, Info CSI 00000005 CSI Store 3104320881600 initialized
2021-08-13 10:55:53, Info CSI 00000006 [SR] Verifying 100 components
2021-08-13 10:55:53, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:53, Info CSI 00000008 [SR] Verify complete
2021-08-13 10:55:53, Info CSI 00000009 [SR] Verifying 100 components
2021-08-13 10:55:53, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:54, Info CSI 0000000b [SR] Verify complete
2021-08-13 10:55:54, Info CSI 0000000c [SR] Verifying 100 components
2021-08-13 10:55:54, Info CSI 0000000d [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:54, Info CSI 0000000e [SR] Verify complete
2021-08-13 10:55:54, Info CSI 0000000f [SR] Verifying 100 components
2021-08-13 10:55:54, Info CSI 00000010 [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:55, Info CSI 00000011 [SR] Verify complete
2021-08-13 10:55:55, Info CSI 00000012 [SR] Verifying 100 components
2021-08-13 10:55:55, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:55, Info CSI 00000014 [SR] Verify complete
2021-08-13 10:55:55, Info CSI 00000015 [SR] Verifying 100 components
2021-08-13 10:55:55, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:56, Info CSI 00000017 [SR] Verify complete
2021-08-13 10:55:56, Info CSI 00000018 [SR] Verifying 100 components
2021-08-13 10:55:56, Info CSI 00000019 [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:57, Info CSI 0000001a [SR] Verify complete
2021-08-13 10:55:57, Info CSI 0000001b [SR] Verifying 100 components
2021-08-13 10:55:57, Info CSI 0000001c [SR] Beginning Verify and Repair transaction
2021-08-13 10:55:58, Info CSI 0000001d [SR] Verify complete
2021-08-13 10:55:58, Info CSI 0000001e [SR] Verifying 100 components
2021-08-13 10:55:58, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:00, Info CSI 00000020 [SR] Verify complete
2021-08-13 10:56:00, Info CSI 00000021 [SR] Verifying 100 components
2021-08-13 10:56:00, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:02, Info CSI 00000023 [SR] Verify complete
2021-08-13 10:56:02, Info CSI 00000024 [SR] Verifying 100 components
2021-08-13 10:56:02, Info CSI 00000025 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:08, Info CSI 00000026 [SR] Verify complete
2021-08-13 10:56:08, Info CSI 00000027 [SR] Verifying 100 components
2021-08-13 10:56:08, Info CSI 00000028 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:09, Info CSI 00000029 [SR] Verify complete
2021-08-13 10:56:09, Info CSI 0000002a [SR] Verifying 100 components
2021-08-13 10:56:09, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:10, Info CSI 0000002c [SR] Verify complete
2021-08-13 10:56:10, Info CSI 0000002d [SR] Verifying 100 components
2021-08-13 10:56:10, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:11, Info CSI 0000002f [SR] Verify complete
2021-08-13 10:56:11, Info CSI 00000030 [SR] Verifying 100 components
2021-08-13 10:56:11, Info CSI 00000031 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:11, Info CSI 00000032 [SR] Verify complete
2021-08-13 10:56:11, Info CSI 00000033 [SR] Verifying 100 components
2021-08-13 10:56:11, Info CSI 00000034 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:12, Info CSI 00000035 [SR] Verify complete
2021-08-13 10:56:12, Info CSI 00000036 [SR] Verifying 100 components
2021-08-13 10:56:12, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:13, Info CSI 00000038 [SR] Verify complete
2021-08-13 10:56:13, Info CSI 00000039 [SR] Verifying 100 components
2021-08-13 10:56:13, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:14, Info CSI 0000003b [SR] Verify complete
2021-08-13 10:56:14, Info CSI 0000003c [SR] Verifying 100 components
2021-08-13 10:56:14, Info CSI 0000003d [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:14, Info CSI 0000003e [SR] Verify complete
2021-08-13 10:56:15, Info CSI 0000003f [SR] Verifying 100 components
2021-08-13 10:56:15, Info CSI 00000040 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:15, Info CSI 00000041 CSIPERF - FilePI Queue 278ms
2021-08-13 10:56:16, Info CSI 00000042 [SR] Verify complete
2021-08-13 10:56:16, Info CSI 00000043 [SR] Verifying 100 components
2021-08-13 10:56:16, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:17, Info CSI 00000045 [SR] Verify complete
2021-08-13 10:56:17, Info CSI 00000046 [SR] Verifying 100 components
2021-08-13 10:56:17, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:18, Info CSI 00000048 [SR] Verify complete
2021-08-13 10:56:18, Info CSI 00000049 [SR] Verifying 100 components
2021-08-13 10:56:18, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:19, Info CSI 0000004b [SR] Verify complete
2021-08-13 10:56:19, Info CSI 0000004c [SR] Verifying 100 components
2021-08-13 10:56:19, Info CSI 0000004d [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:20, Info CSI 0000004e [SR] Verify complete
2021-08-13 10:56:20, Info CSI 0000004f [SR] Verifying 100 components
2021-08-13 10:56:20, Info CSI 00000050 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:20, Info CSI 00000051 [SR] Verify complete
2021-08-13 10:56:20, Info CSI 00000052 [SR] Verifying 100 components
2021-08-13 10:56:20, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:21, Info CSI 00000054 CSIPERF - FilePI Queue 192ms
2021-08-13 10:56:21, Info CSI 00000055 [SR] Verify complete
2021-08-13 10:56:21, Info CSI 00000056 [SR] Verifying 100 components
2021-08-13 10:56:21, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:22, Info CSI 00000058 [SR] Verify complete
2021-08-13 10:56:22, Info CSI 00000059 [SR] Verifying 100 components
2021-08-13 10:56:22, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:24, Info CSI 0000005b CSIPERF - FilePI Queue 232ms
2021-08-13 10:56:24, Info CSI 0000005c [SR] Verify complete
2021-08-13 10:56:24, Info CSI 0000005d [SR] Verifying 100 components
2021-08-13 10:56:24, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:24, Info CSI 0000005f [SR] Verify complete
2021-08-13 10:56:24, Info CSI 00000060 [SR] Verifying 100 components
2021-08-13 10:56:24, Info CSI 00000061 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:25, Info CSI 00000062 CSIPERF - FilePI Queue 132ms
2021-08-13 10:56:25, Info CSI 00000063 [SR] Verify complete
2021-08-13 10:56:25, Info CSI 00000064 [SR] Verifying 100 components
2021-08-13 10:56:25, Info CSI 00000065 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:26, Info CSI 00000066 [SR] Verify complete
2021-08-13 10:56:26, Info CSI 00000067 [SR] Verifying 100 components
2021-08-13 10:56:26, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:27, Info CSI 00000069 [SR] Verify complete
2021-08-13 10:56:27, Info CSI 0000006a [SR] Verifying 100 components
2021-08-13 10:56:27, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:28, Info CSI 0000006c [SR] Verify complete
2021-08-13 10:56:28, Info CSI 0000006d [SR] Verifying 100 components
2021-08-13 10:56:28, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:28, Info CSI 0000006f [SR] Verify complete
2021-08-13 10:56:28, Info CSI 00000070 [SR] Verifying 100 components
2021-08-13 10:56:28, Info CSI 00000071 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:29, Info CSI 00000072 [SR] Verify complete
2021-08-13 10:56:29, Info CSI 00000073 [SR] Verifying 100 components
2021-08-13 10:56:29, Info CSI 00000074 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:30, Info CSI 00000075 [SR] Verify complete
2021-08-13 10:56:30, Info CSI 00000076 [SR] Verifying 100 components
2021-08-13 10:56:30, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:31, Info CSI 00000078 [SR] Verify complete
2021-08-13 10:56:31, Info CSI 00000079 [SR] Verifying 100 components
2021-08-13 10:56:31, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:31, Info CSI 0000007b [SR] Verify complete
2021-08-13 10:56:31, Info CSI 0000007c [SR] Verifying 100 components
2021-08-13 10:56:31, Info CSI 0000007d [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:32, Info CSI 0000007e [SR] Verify complete
2021-08-13 10:56:32, Info CSI 0000007f [SR] Verifying 100 components
2021-08-13 10:56:32, Info CSI 00000080 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:33, Info CSI 00000081 [SR] Verify complete
2021-08-13 10:56:33, Info CSI 00000082 [SR] Verifying 100 components
2021-08-13 10:56:33, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:34, Info CSI 00000084 [SR] Verify complete
2021-08-13 10:56:34, Info CSI 00000085 [SR] Verifying 100 components
2021-08-13 10:56:34, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:35, Info CSI 00000087 [SR] Verify complete
2021-08-13 10:56:35, Info CSI 00000088 [SR] Verifying 100 components
2021-08-13 10:56:35, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:36, Info CSI 0000008a [SR] Verify complete
2021-08-13 10:56:36, Info CSI 0000008b [SR] Verifying 100 components
2021-08-13 10:56:36, Info CSI 0000008c [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:37, Info CSI 0000008d [SR] Verify complete
2021-08-13 10:56:37, Info CSI 0000008e [SR] Verifying 100 components
2021-08-13 10:56:37, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:38, Info CSI 00000090 CSIPERF - FilePI Queue 181ms
2021-08-13 10:56:38, Info CSI 00000091 Warning: Overlap: Directory \??\C:\WINDOWS\System32\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:56:38, Info CSI 00000092 Warning: Overlap: Directory \??\C:\WINDOWS\System32\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:56:38, Info CSI 00000093 Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch amd64, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:56:39, Info CSI 00000094 CSIPERF - FilePI Commit 113ms
2021-08-13 10:56:39, Info CSI 00000095 [SR] Verify complete
2021-08-13 10:56:39, Info CSI 00000096 [SR] Verifying 100 components
2021-08-13 10:56:39, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:40, Info CSI 00000098 [SR] Verify complete
2021-08-13 10:56:40, Info CSI 00000099 [SR] Verifying 100 components
2021-08-13 10:56:40, Info CSI 0000009a [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:41, Info CSI 0000009b CSIPERF - FilePI Queue 137ms
2021-08-13 10:56:42, Info CSI 0000009c [SR] Verify complete
2021-08-13 10:56:42, Info CSI 0000009d [SR] Verifying 100 components
2021-08-13 10:56:42, Info CSI 0000009e [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:43, Info CSI 0000009f [SR] Verify complete
2021-08-13 10:56:43, Info CSI 000000a0 [SR] Verifying 100 components
2021-08-13 10:56:43, Info CSI 000000a1 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:44, Info CSI 000000a2 [SR] Verify complete
2021-08-13 10:56:44, Info CSI 000000a3 [SR] Verifying 100 components
2021-08-13 10:56:44, Info CSI 000000a4 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:45, Info CSI 000000a5 [SR] Verify complete
2021-08-13 10:56:45, Info CSI 000000a6 [SR] Verifying 100 components
2021-08-13 10:56:45, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:46, Info CSI 000000a8 CSIPERF - FilePI Queue 109ms
2021-08-13 10:56:46, Info CSI 000000a9 [SR] Verify complete
2021-08-13 10:56:46, Info CSI 000000aa [SR] Verifying 100 components
2021-08-13 10:56:46, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:47, Info CSI 000000ac [SR] Verify complete
2021-08-13 10:56:47, Info CSI 000000ad [SR] Verifying 100 components
2021-08-13 10:56:47, Info CSI 000000ae [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:48, Info CSI 000000af [SR] Verify complete
2021-08-13 10:56:48, Info CSI 000000b0 [SR] Verifying 100 components
2021-08-13 10:56:48, Info CSI 000000b1 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:49, Info CSI 000000b2 [SR] Verify complete
2021-08-13 10:56:49, Info CSI 000000b3 [SR] Verifying 100 components
2021-08-13 10:56:49, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:50, Info CSI 000000b5 CSIPERF - FilePI Queue 124ms
2021-08-13 10:56:50, Info CSI 000000b6 [SR] Verify complete
2021-08-13 10:56:50, Info CSI 000000b7 [SR] Verifying 100 components
2021-08-13 10:56:50, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:51, Info CSI 000000b9 [SR] Verify complete
2021-08-13 10:56:51, Info CSI 000000ba [SR] Verifying 100 components
2021-08-13 10:56:51, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:52, Info CSI 000000bc [SR] Verify complete
2021-08-13 10:56:52, Info CSI 000000bd [SR] Verifying 100 components
2021-08-13 10:56:52, Info CSI 000000be [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:53, Info CSI 000000bf [SR] Verify complete
2021-08-13 10:56:53, Info CSI 000000c0 [SR] Verifying 100 components
2021-08-13 10:56:53, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:54, Info CSI 000000c2 [SR] Verify complete
2021-08-13 10:56:54, Info CSI 000000c3 [SR] Verifying 100 components
2021-08-13 10:56:54, Info CSI 000000c4 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:55, Info CSI 000000c5 [SR] Verify complete
2021-08-13 10:56:55, Info CSI 000000c6 [SR] Verifying 100 components
2021-08-13 10:56:55, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:55, Info CSI 000000c8 [SR] Verify complete
2021-08-13 10:56:56, Info CSI 000000c9 [SR] Verifying 100 components
2021-08-13 10:56:56, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:57, Info CSI 000000cb [SR] Verify complete
2021-08-13 10:56:57, Info CSI 000000cc [SR] Verifying 100 components
2021-08-13 10:56:57, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:58, Info CSI 000000ce CSIPERF - FilePI Queue 278ms
2021-08-13 10:56:59, Info CSI 000000cf [SR] Verify complete
2021-08-13 10:56:59, Info CSI 000000d0 [SR] Verifying 100 components
2021-08-13 10:56:59, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
2021-08-13 10:56:59, Info CSI 000000d2 [SR] Verify complete
2021-08-13 10:57:00, Info CSI 000000d3 [SR] Verifying 100 components
2021-08-13 10:57:00, Info CSI 000000d4 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:01, Info CSI 000000d5 [SR] Verify complete
2021-08-13 10:57:01, Info CSI 000000d6 [SR] Verifying 100 components
2021-08-13 10:57:01, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:02, Info CSI 000000d8 [SR] Verify complete
2021-08-13 10:57:02, Info CSI 000000d9 [SR] Verifying 100 components
2021-08-13 10:57:02, Info CSI 000000da [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:03, Info CSI 000000db [SR] Verify complete
2021-08-13 10:57:03, Info CSI 000000dc [SR] Verifying 100 components
2021-08-13 10:57:03, Info CSI 000000dd [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:04, Info CSI 000000de [SR] Verify complete
2021-08-13 10:57:04, Info CSI 000000df [SR] Verifying 100 components
2021-08-13 10:57:04, Info CSI 000000e0 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:05, Info CSI 000000e1 [SR] Verify complete
2021-08-13 10:57:05, Info CSI 000000e2 [SR] Verifying 100 components
2021-08-13 10:57:05, Info CSI 000000e3 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:06, Info CSI 000000e4 [SR] Verify complete
2021-08-13 10:57:06, Info CSI 000000e5 [SR] Verifying 100 components
2021-08-13 10:57:06, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:07, Info CSI 000000e7 [SR] Verify complete
2021-08-13 10:57:07, Info CSI 000000e8 [SR] Verifying 100 components
2021-08-13 10:57:07, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:08, Info CSI 000000ea [SR] Verify complete
2021-08-13 10:57:08, Info CSI 000000eb [SR] Verifying 100 components
2021-08-13 10:57:08, Info CSI 000000ec [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:09, Info CSI 000000ed [SR] Verify complete
2021-08-13 10:57:09, Info CSI 000000ee [SR] Verifying 100 components
2021-08-13 10:57:09, Info CSI 000000ef [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:10, Info CSI 000000f0 [SR] Verify complete
2021-08-13 10:57:10, Info CSI 000000f1 [SR] Verifying 100 components
2021-08-13 10:57:10, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:11, Info CSI 000000f3 [SR] Verify complete
2021-08-13 10:57:11, Info CSI 000000f4 [SR] Verifying 100 components
2021-08-13 10:57:11, Info CSI 000000f5 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:11, Info CSI 000000f6 [SR] Verify complete
2021-08-13 10:57:11, Info CSI 000000f7 [SR] Verifying 100 components
2021-08-13 10:57:11, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:12, Info CSI 000000f9 [SR] Verify complete
2021-08-13 10:57:12, Info CSI 000000fa [SR] Verifying 100 components
2021-08-13 10:57:12, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:13, Info CSI 000000fc [SR] Verify complete
2021-08-13 10:57:13, Info CSI 000000fd [SR] Verifying 100 components
2021-08-13 10:57:13, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:14, Info CSI 000000ff [SR] Verify complete
2021-08-13 10:57:14, Info CSI 00000100 [SR] Verifying 100 components
2021-08-13 10:57:14, Info CSI 00000101 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:15, Info CSI 00000102 [SR] Verify complete
2021-08-13 10:57:15, Info CSI 00000103 [SR] Verifying 100 components
2021-08-13 10:57:15, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:15, Info CSI 00000105 [SR] Verify complete
2021-08-13 10:57:16, Info CSI 00000106 [SR] Verifying 100 components
2021-08-13 10:57:16, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:16, Info CSI 00000108 [SR] Verify complete
2021-08-13 10:57:16, Info CSI 00000109 [SR] Verifying 100 components
2021-08-13 10:57:16, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:17, Info CSI 0000010b CSIPERF - FilePI Queue 119ms
2021-08-13 10:57:17, Info CSI 0000010c [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\RecoveryDrive.lnk from store
2021-08-13 10:57:17, Info CSI 0000010d [SR] Verify complete
2021-08-13 10:57:17, Info CSI 0000010e [SR] Verifying 100 components
2021-08-13 10:57:17, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:18, Info CSI 00000110 [SR] Verify complete
2021-08-13 10:57:18, Info CSI 00000111 [SR] Verifying 100 components
2021-08-13 10:57:18, Info CSI 00000112 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:19, Info CSI 00000113 [SR] Verify complete
2021-08-13 10:57:19, Info CSI 00000114 [SR] Verifying 100 components
2021-08-13 10:57:19, Info CSI 00000115 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:20, Info CSI 00000116 CSIPERF - FilePI Queue 124ms
2021-08-13 10:57:20, Info CSI 00000117 [SR] Verify complete
2021-08-13 10:57:20, Info CSI 00000118 [SR] Verifying 100 components
2021-08-13 10:57:20, Info CSI 00000119 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:21, Info CSI 0000011a [SR] Verify complete
2021-08-13 10:57:21, Info CSI 0000011b [SR] Verifying 100 components
2021-08-13 10:57:21, Info CSI 0000011c [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:22, Info CSI 0000011d [SR] Verify complete
2021-08-13 10:57:22, Info CSI 0000011e [SR] Verifying 100 components
2021-08-13 10:57:22, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:22, Info CSI 00000120 [SR] Verify complete
2021-08-13 10:57:23, Info CSI 00000121 [SR] Verifying 100 components
2021-08-13 10:57:23, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:24, Info CSI 00000123 [SR] Verify complete
2021-08-13 10:57:24, Info CSI 00000124 [SR] Verifying 100 components
2021-08-13 10:57:24, Info CSI 00000125 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:25, Info CSI 00000126 [SR] Verify complete
2021-08-13 10:57:25, Info CSI 00000127 [SR] Verifying 100 components
2021-08-13 10:57:25, Info CSI 00000128 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:26, Info CSI 00000129 [SR] Verify complete
2021-08-13 10:57:26, Info CSI 0000012a [SR] Verifying 100 components
2021-08-13 10:57:26, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:27, Info CSI 0000012c [SR] Verify complete
2021-08-13 10:57:27, Info CSI 0000012d [SR] Verifying 100 components
2021-08-13 10:57:27, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:29, Info CSI 0000012f [SR] Verify complete
2021-08-13 10:57:29, Info CSI 00000130 [SR] Verifying 100 components
2021-08-13 10:57:29, Info CSI 00000131 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:30, Info CSI 00000132 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:57:30, Info CSI 00000133 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:57:30, Info CSI 00000134 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch amd64, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:57:30, Info CSI 00000135 [SR] Verify complete
2021-08-13 10:57:30, Info CSI 00000136 [SR] Verifying 100 components
2021-08-13 10:57:30, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:32, Info CSI 00000138 CSIPERF - FilePI Queue 114ms
2021-08-13 10:57:32, Info CSI 00000139 [SR] Verify complete
2021-08-13 10:57:32, Info CSI 0000013a [SR] Verifying 100 components
2021-08-13 10:57:32, Info CSI 0000013b [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:33, Info CSI 0000013c [SR] Verify complete
2021-08-13 10:57:33, Info CSI 0000013d [SR] Verifying 100 components
2021-08-13 10:57:33, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:34, Info CSI 0000013f [SR] Verify complete
2021-08-13 10:57:34, Info CSI 00000140 [SR] Verifying 100 components
2021-08-13 10:57:34, Info CSI 00000141 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:35, Info CSI 00000142 CSIPERF - FilePI Queue 249ms
2021-08-13 10:57:35, Info CSI 00000143 [SR] Verify complete
2021-08-13 10:57:35, Info CSI 00000144 [SR] Verifying 100 components
2021-08-13 10:57:35, Info CSI 00000145 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:36, Info CSI 00000146 [SR] Verify complete
2021-08-13 10:57:36, Info CSI 00000147 [SR] Verifying 100 components
2021-08-13 10:57:36, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:38, Info CSI 00000149 CSIPERF - FilePI Queue 223ms
2021-08-13 10:57:38, Info CSI 0000014a [SR] Verify complete
2021-08-13 10:57:38, Info CSI 0000014b [SR] Verifying 100 components
2021-08-13 10:57:38, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:38, Info CSI 0000014d [SR] Verify complete
2021-08-13 10:57:38, Info CSI 0000014e [SR] Verifying 100 components
2021-08-13 10:57:38, Info CSI 0000014f [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:39, Info CSI 00000150 [SR] Verify complete
2021-08-13 10:57:39, Info CSI 00000151 [SR] Verifying 100 components
2021-08-13 10:57:39, Info CSI 00000152 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:40, Info CSI 00000153 CSIPERF - FilePI Queue 141ms
2021-08-13 10:57:41, Info CSI 00000154 [SR] Verify complete
2021-08-13 10:57:41, Info CSI 00000155 [SR] Verifying 100 components
2021-08-13 10:57:41, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:42, Info CSI 00000157 CSIPERF - FilePI Queue 226ms
2021-08-13 10:57:42, Info CSI 00000158 [SR] Verify complete
2021-08-13 10:57:42, Info CSI 00000159 [SR] Verifying 100 components
2021-08-13 10:57:42, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:43, Info CSI 0000015b [SR] Verify complete
2021-08-13 10:57:43, Info CSI 0000015c [SR] Verifying 100 components
2021-08-13 10:57:43, Info CSI 0000015d [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:43, Info CSI 0000015e [SR] Verify complete
2021-08-13 10:57:43, Info CSI 0000015f [SR] Verifying 100 components
2021-08-13 10:57:43, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:44, Info CSI 00000161 [SR] Verify complete
2021-08-13 10:57:44, Info CSI 00000162 [SR] Verifying 100 components
2021-08-13 10:57:44, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:45, Info CSI 00000164 [SR] Verify complete
2021-08-13 10:57:45, Info CSI 00000165 [SR] Verifying 100 components
2021-08-13 10:57:45, Info CSI 00000166 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:46, Info CSI 00000167 [SR] Verify complete
2021-08-13 10:57:46, Info CSI 00000168 [SR] Verifying 100 components
2021-08-13 10:57:46, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:46, Info CSI 0000016a [SR] Verify complete
2021-08-13 10:57:46, Info CSI 0000016b [SR] Verifying 100 components
2021-08-13 10:57:46, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:48, Info CSI 0000016d [SR] Verify complete
2021-08-13 10:57:48, Info CSI 0000016e [SR] Verifying 100 components
2021-08-13 10:57:48, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:49, Info CSI 00000170 [SR] Verify complete
2021-08-13 10:57:49, Info CSI 00000171 [SR] Verifying 100 components
2021-08-13 10:57:49, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:50, Info CSI 00000173 [SR] Verify complete
2021-08-13 10:57:50, Info CSI 00000174 [SR] Verifying 100 components
2021-08-13 10:57:50, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:51, Info CSI 00000176 CSIPERF - FilePI Queue 939ms
2021-08-13 10:57:52, Info CSI 00000177 [SR] Verify complete
2021-08-13 10:57:52, Info CSI 00000178 [SR] Verifying 100 components
2021-08-13 10:57:52, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:52, Info CSI 0000017a [SR] Verify complete
2021-08-13 10:57:52, Info CSI 0000017b [SR] Verifying 100 components
2021-08-13 10:57:52, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:53, Info CSI 0000017d [SR] Verify complete
2021-08-13 10:57:53, Info CSI 0000017e [SR] Verifying 100 components
2021-08-13 10:57:53, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:54, Info CSI 00000180 [SR] Verify complete
2021-08-13 10:57:54, Info CSI 00000181 [SR] Verifying 100 components
2021-08-13 10:57:54, Info CSI 00000182 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:54, Info CSI 00000183 [SR] Verify complete
2021-08-13 10:57:54, Info CSI 00000184 [SR] Verifying 100 components
2021-08-13 10:57:54, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:55, Info CSI 00000186 [SR] Verify complete
2021-08-13 10:57:55, Info CSI 00000187 [SR] Verifying 100 components
2021-08-13 10:57:55, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:56, Info CSI 00000189 [SR] Verify complete
2021-08-13 10:57:56, Info CSI 0000018a [SR] Verifying 100 components
2021-08-13 10:57:56, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:57, Info CSI 0000018c [SR] Verify complete
2021-08-13 10:57:57, Info CSI 0000018d [SR] Verifying 100 components
2021-08-13 10:57:57, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:58, Info CSI 0000018f [SR] Verify complete
2021-08-13 10:57:58, Info CSI 00000190 [SR] Verifying 100 components
2021-08-13 10:57:58, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:58, Info CSI 00000192 [SR] Verify complete
2021-08-13 10:57:58, Info CSI 00000193 [SR] Verifying 100 components
2021-08-13 10:57:58, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2021-08-13 10:57:59, Info CSI 00000195 [SR] Verify complete
2021-08-13 10:57:59, Info CSI 00000196 [SR] Verifying 100 components
2021-08-13 10:57:59, Info CSI 00000197 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:00, Info CSI 00000198 [SR] Verify complete
2021-08-13 10:58:00, Info CSI 00000199 [SR] Verifying 100 components
2021-08-13 10:58:00, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:01, Info CSI 0000019b [SR] Verify complete
2021-08-13 10:58:01, Info CSI 0000019c [SR] Verifying 100 components
2021-08-13 10:58:01, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:01, Info CSI 0000019e [SR] Verify complete
2021-08-13 10:58:01, Info CSI 0000019f [SR] Verifying 100 components
2021-08-13 10:58:01, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:02, Info CSI 000001a1 [SR] Verify complete
2021-08-13 10:58:02, Info CSI 000001a2 [SR] Verifying 100 components
2021-08-13 10:58:02, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:03, Info CSI 000001a4 [SR] Verify complete
2021-08-13 10:58:03, Info CSI 000001a5 [SR] Verifying 100 components
2021-08-13 10:58:03, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:03, Info CSI 000001a7 CSIPERF - FilePI Queue 315ms
2021-08-13 10:58:04, Info CSI 000001a8 [SR] Verify complete
2021-08-13 10:58:04, Info CSI 000001a9 [SR] Verifying 100 components
2021-08-13 10:58:04, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:05, Info CSI 000001ab [SR] Verify complete
2021-08-13 10:58:05, Info CSI 000001ac [SR] Verifying 100 components
2021-08-13 10:58:05, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:05, Info CSI 000001ae [SR] Verify complete
2021-08-13 10:58:05, Info CSI 000001af [SR] Verifying 100 components
2021-08-13 10:58:05, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:06, Info CSI 000001b1 [SR] Verify complete
2021-08-13 10:58:06, Info CSI 000001b2 [SR] Verifying 100 components
2021-08-13 10:58:06, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:07, Info CSI 000001b4 CSIPERF - FilePI Queue 254ms
2021-08-13 10:58:07, Info CSI 000001b5 [SR] Verify complete
2021-08-13 10:58:07, Info CSI 000001b6 [SR] Verifying 100 components
2021-08-13 10:58:07, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:08, Info CSI 000001b8 [SR] Verify complete
2021-08-13 10:58:08, Info CSI 000001b9 [SR] Verifying 100 components
2021-08-13 10:58:08, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:09, Info CSI 000001bb [SR] Verify complete
2021-08-13 10:58:09, Info CSI 000001bc [SR] Verifying 100 components
2021-08-13 10:58:09, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:09, Info CSI 000001be [SR] Verify complete
2021-08-13 10:58:09, Info CSI 000001bf [SR] Verifying 100 components
2021-08-13 10:58:09, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:10, Info CSI 000001c1 [SR] Verify complete
2021-08-13 10:58:10, Info CSI 000001c2 [SR] Verifying 100 components
2021-08-13 10:58:10, Info CSI 000001c3 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:11, Info CSI 000001c4 [SR] Verify complete
2021-08-13 10:58:11, Info CSI 000001c5 [SR] Verifying 100 components
2021-08-13 10:58:11, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:11, Info CSI 000001c7 [SR] Verify complete
2021-08-13 10:58:11, Info CSI 000001c8 [SR] Verifying 100 components
2021-08-13 10:58:11, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:12, Info CSI 000001ca [SR] Verify complete
2021-08-13 10:58:12, Info CSI 000001cb [SR] Verifying 100 components
2021-08-13 10:58:12, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:13, Info CSI 000001cd [SR] Verify complete
2021-08-13 10:58:13, Info CSI 000001ce [SR] Verifying 100 components
2021-08-13 10:58:13, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:14, Info CSI 000001d0 [SR] Verify complete
2021-08-13 10:58:14, Info CSI 000001d1 [SR] Verifying 100 components
2021-08-13 10:58:14, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:14, Info CSI 000001d3 [SR] Verify complete
2021-08-13 10:58:14, Info CSI 000001d4 [SR] Verifying 100 components
2021-08-13 10:58:14, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:15, Info CSI 000001d6 [SR] Verify complete
2021-08-13 10:58:15, Info CSI 000001d7 [SR] Verifying 100 components
2021-08-13 10:58:15, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:16, Info CSI 000001d9 [SR] Verify complete
2021-08-13 10:58:16, Info CSI 000001da [SR] Verifying 100 components
2021-08-13 10:58:16, Info CSI 000001db [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:17, Info CSI 000001dc [SR] Verify complete
2021-08-13 10:58:17, Info CSI 000001dd [SR] Verifying 100 components
2021-08-13 10:58:17, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:17, Info CSI 000001df [SR] Verify complete
2021-08-13 10:58:18, Info CSI 000001e0 [SR] Verifying 100 components
2021-08-13 10:58:18, Info CSI 000001e1 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:18, Info CSI 000001e2 [SR] Verify complete
2021-08-13 10:58:18, Info CSI 000001e3 [SR] Verifying 100 components
2021-08-13 10:58:18, Info CSI 000001e4 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:19, Info CSI 000001e5 [SR] Verify complete
2021-08-13 10:58:19, Info CSI 000001e6 [SR] Verifying 100 components
2021-08-13 10:58:19, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:20, Info CSI 000001e8 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\drivers\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:20, Info CSI 000001e9 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\wbem\en-US\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:20, Info CSI 000001ea Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:20, Info CSI 000001eb [SR] Verify complete
2021-08-13 10:58:20, Info CSI 000001ec [SR] Verifying 100 components
2021-08-13 10:58:20, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:21, Info CSI 000001ee [SR] Verify complete
2021-08-13 10:58:21, Info CSI 000001ef [SR] Verifying 100 components
2021-08-13 10:58:21, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:21, Info CSI 000001f1 [SR] Verify complete
2021-08-13 10:58:21, Info CSI 000001f2 [SR] Verifying 100 components
2021-08-13 10:58:21, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:22, Info CSI 000001f4 [SR] Verify complete
2021-08-13 10:58:22, Info CSI 000001f5 [SR] Verifying 100 components
2021-08-13 10:58:22, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:22, Info CSI 000001f7 [SR] Verify complete
2021-08-13 10:58:22, Info CSI 000001f8 [SR] Verifying 100 components
2021-08-13 10:58:22, Info CSI 000001f9 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:23, Info CSI 000001fa [SR] Verify complete
2021-08-13 10:58:23, Info CSI 000001fb [SR] Verifying 100 components
2021-08-13 10:58:23, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:24, Info CSI 000001fd [SR] Verify complete
2021-08-13 10:58:24, Info CSI 000001fe [SR] Verifying 100 components
2021-08-13 10:58:24, Info CSI 000001ff [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:25, Info CSI 00000200 [SR] Verify complete
2021-08-13 10:58:25, Info CSI 00000201 [SR] Verifying 100 components
2021-08-13 10:58:25, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:26, Info CSI 00000203 [SR] Verify complete
2021-08-13 10:58:26, Info CSI 00000204 [SR] Verifying 100 components
2021-08-13 10:58:26, Info CSI 00000205 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:27, Info CSI 00000206 [SR] Verify complete
2021-08-13 10:58:27, Info CSI 00000207 [SR] Verifying 100 components
2021-08-13 10:58:27, Info CSI 00000208 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:28, Info CSI 00000209 [SR] Verify complete
2021-08-13 10:58:28, Info CSI 0000020a [SR] Verifying 100 components
2021-08-13 10:58:28, Info CSI 0000020b [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:29, Info CSI 0000020c [SR] Verify complete
2021-08-13 10:58:29, Info CSI 0000020d [SR] Verifying 100 components
2021-08-13 10:58:29, Info CSI 0000020e [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:30, Info CSI 0000020f [SR] Verify complete
2021-08-13 10:58:30, Info CSI 00000210 [SR] Verifying 100 components
2021-08-13 10:58:30, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:30, Info CSI 00000212 [SR] Verify complete
2021-08-13 10:58:30, Info CSI 00000213 [SR] Verifying 100 components
2021-08-13 10:58:30, Info CSI 00000214 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:31, Info CSI 00000215 [SR] Verify complete
2021-08-13 10:58:31, Info CSI 00000216 [SR] Verifying 100 components
2021-08-13 10:58:31, Info CSI 00000217 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:32, Info CSI 00000218 [SR] Verify complete
2021-08-13 10:58:32, Info CSI 00000219 [SR] Verifying 100 components
2021-08-13 10:58:32, Info CSI 0000021a [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:33, Info CSI 0000021b [SR] Verify complete
2021-08-13 10:58:33, Info CSI 0000021c [SR] Verifying 100 components
2021-08-13 10:58:33, Info CSI 0000021d [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:33, Info CSI 0000021e [SR] Verify complete
2021-08-13 10:58:34, Info CSI 0000021f [SR] Verifying 100 components
2021-08-13 10:58:34, Info CSI 00000220 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:34, Info CSI 00000221 Warning: Overlap: Directory \??\C:\Program Files (x86)\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:34, Info CSI 00000222 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:34, Info CSI 00000223 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:34, Info CSI 00000224 Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice
Original owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
New owner: Microsoft-Windows-shell32, version 10.0.19041.1023, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35}
2021-08-13 10:58:34, Info CSI 00000225 [SR] Verify complete
2021-08-13 10:58:34, Info CSI 00000226 [SR] Verifying 100 components
2021-08-13 10:58:34, Info CSI 00000227 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:35, Info CSI 00000228 [SR] Verify complete
2021-08-13 10:58:35, Info CSI 00000229 [SR] Verifying 100 components
2021-08-13 10:58:35, Info CSI 0000022a [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:36, Info CSI 0000022b [SR] Verify complete
2021-08-13 10:58:36, Info CSI 0000022c [SR] Verifying 100 components
2021-08-13 10:58:36, Info CSI 0000022d [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:37, Info CSI 0000022e [SR] Verify complete
2021-08-13 10:58:37, Info CSI 0000022f [SR] Verifying 100 components
2021-08-13 10:58:37, Info CSI 00000230 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:38, Info CSI 00000231 [SR] Verify complete
2021-08-13 10:58:38, Info CSI 00000232 [SR] Verifying 100 components
2021-08-13 10:58:38, Info CSI 00000233 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:39, Info CSI 00000234 [SR] Verify complete
2021-08-13 10:58:39, Info CSI 00000235 [SR] Verifying 100 components
2021-08-13 10:58:39, Info CSI 00000236 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:39, Info CSI 00000237 [SR] Verify complete
2021-08-13 10:58:39, Info CSI 00000238 [SR] Verifying 100 components
2021-08-13 10:58:39, Info CSI 00000239 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:40, Info CSI 0000023a [SR] Verify complete
2021-08-13 10:58:40, Info CSI 0000023b [SR] Verifying 100 components
2021-08-13 10:58:40, Info CSI 0000023c [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:42, Info CSI 0000023d CSIPERF - FilePI Queue 297ms
2021-08-13 10:58:42, Info CSI 0000023e [SR] Verify complete
2021-08-13 10:58:42, Info CSI 0000023f [SR] Verifying 100 components
2021-08-13 10:58:42, Info CSI 00000240 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:43, Info CSI 00000241 [SR] Verify complete
2021-08-13 10:58:43, Info CSI 00000242 [SR] Verifying 100 components
2021-08-13 10:58:43, Info CSI 00000243 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:44, Info CSI 00000244 [SR] Verify complete
2021-08-13 10:58:44, Info CSI 00000245 [SR] Verifying 100 components
2021-08-13 10:58:44, Info CSI 00000246 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:45, Info CSI 00000247 [SR] Verify complete
2021-08-13 10:58:45, Info CSI 00000248 [SR] Verifying 100 components
2021-08-13 10:58:45, Info CSI 00000249 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:46, Info CSI 0000024a [SR] Verify complete
2021-08-13 10:58:46, Info CSI 0000024b [SR] Verifying 100 components
2021-08-13 10:58:46, Info CSI 0000024c [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:47, Info CSI 0000024d [SR] Verify complete
2021-08-13 10:58:47, Info CSI 0000024e [SR] Verifying 100 components
2021-08-13 10:58:47, Info CSI 0000024f [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:48, Info CSI 00000250 [SR] Verify complete
2021-08-13 10:58:48, Info CSI 00000251 [SR] Verifying 100 components
2021-08-13 10:58:48, Info CSI 00000252 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:49, Info CSI 00000253 [SR] Verify complete
2021-08-13 10:58:49, Info CSI 00000254 [SR] Verifying 100 components
2021-08-13 10:58:49, Info CSI 00000255 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:49, Info CSI 00000256 [SR] Verify complete
2021-08-13 10:58:49, Info CSI 00000257 [SR] Verifying 100 components
2021-08-13 10:58:49, Info CSI 00000258 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:50, Info CSI 00000259 Hashes for file member [l:12]'mscormmc.dll' do not match.
Expected: {l:32 ml:33 b:cc8bc6700d3f44928b8c7022569beda57ab7971326be21f131498e9456f4c8a4}.
Actual: {l:32 b:be39e9b8105c2b1b11446965404455019df6526e958fc3413da83b33fc574380}.
2021-08-13 10:58:50, Info CSI 0000025a [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2021-08-13 10:58:50, Info CSI 0000025b [SR] Verify complete
2021-08-13 10:58:50, Info CSI 0000025c [SR] Verifying 100 components
2021-08-13 10:58:50, Info CSI 0000025d [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:51, Info CSI 0000025e [SR] Verify complete
2021-08-13 10:58:51, Info CSI 0000025f [SR] Verifying 100 components
2021-08-13 10:58:51, Info CSI 00000260 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:51, Info CSI 00000261 [SR] Verify complete
2021-08-13 10:58:52, Info CSI 00000262 [SR] Verifying 100 components
2021-08-13 10:58:52, Info CSI 00000263 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:52, Info CSI 00000264 [SR] Verify complete
2021-08-13 10:58:52, Info CSI 00000265 [SR] Verifying 100 components
2021-08-13 10:58:52, Info CSI 00000266 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:53, Info CSI 00000267 [SR] Verify complete
2021-08-13 10:58:53, Info CSI 00000268 [SR] Verifying 13 components
2021-08-13 10:58:53, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:53, Info CSI 0000026a [SR] Verify complete
2021-08-13 10:58:53, Info CSI 0000026b [SR] Repairing 2 components
2021-08-13 10:58:53, Info CSI 0000026c [SR] Beginning Verify and Repair transaction
2021-08-13 10:58:53, Info CSI 0000026d Hashes for file member [l:12]'mscormmc.dll' do not match.
Expected: {l:32 ml:33 b:cc8bc6700d3f44928b8c7022569beda57ab7971326be21f131498e9456f4c8a4}.
Actual: {l:32 b:be39e9b8105c2b1b11446965404455019df6526e958fc3413da83b33fc574380}.
2021-08-13 10:58:53, Info CSI 0000026e [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2021-08-13 10:58:53, Info CSI 0000026f [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\RecoveryDrive.lnk from store
2021-08-13 10:58:53, Info CSI 00000270 [SR] Repair complete
2021-08-13 10:58:53, Info CSI 00000271 [SR] Committing transaction
2021-08-13 10:58:53, Info CSI 00000272 Creating NT transaction (seq 1)
2021-08-13 10:58:53, Info CSI 00000273 Created NT transaction (seq 1) result 0x00000000, handle @0xd64
2021-08-13 10:58:53, Info CSI 00000274@2021/8/13:08:58:53.779 Beginning NT transaction commit...
2021-08-13 10:58:53, Info CSI 00000275@2021/8/13:08:58:53.782 CSI perf trace:
CSIPERF:TXCOMMIT;3290
2021-08-13 10:58:53, Info CSI 00000276 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2021-08-13 11:00:55, Info CBS Trusted Installer is shutting down because: SHUTDOWN_REASON_AUTOSTOP
2021-08-13 11:00:55, Info CBS TiWorker signaled for shutdown, going to exit.
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 11:00:55, Info CBS Execution Engine Finalize
2021-08-13 11:00:55, Info CBS Execution Engine Finalize
2021-08-13 11:00:55, Info CBS Deleting the contents of directory: \\?\C:\WINDOWS\CbsTemp
2021-08-13 11:00:55, Info CBS Deletion of: \\?\C:\WINDOWS\CbsTemp successful
2021-08-13 11:00:55, Info CBS Lock: Lock removed: TiWorkerClassFactory, level: 30, total lock:3
2021-08-13 11:00:55, Info CBS Lock: Lock removed: CCbsWorker, level: 5, total lock:2
2021-08-13 11:00:55, Info CBS Ending the TiWorker main loop.
2021-08-13 11:00:55, Info CBS Starting TiWorker finalization.
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: ExecutionEngineFinalize
2021-08-13 11:00:55, Info CBS CBS Engine already deactivated
2021-08-13 11:00:55, Info CBS CBS Engine already deactivated
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: ComponentAnalyzerFinalize
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: PackageTrackerFinalize
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CoreResourcesUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: SessionManagerFinalize
2021-08-13 11:00:55, Info CBS Lock: Lock removed: CSIInventoryCriticalSection, level: 64, total lock:10
2021-08-13 11:00:55, Info CBS Lock: Lock removed: CCbsSessionManager, level: 11, total lock:9
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CapabilityManagerFinalize
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: PublicObjectMonitorFinalize
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: Enter vCoreInitializeLock
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: WcpUnload
2021-08-13 11:00:55, Info CSI 00000277 Direct SIL provider: Number of files opened: 243616.
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: DrupUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CfgMgr32Unload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: DpxUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: SrUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CbsEsdUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CbsTraceInfoUninitialize
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: CbsEventUnregister
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: AppContainerUnload
2021-08-13 11:00:55, Info CBS CbsCoreFinalize: WdsUnload, logging from cbscore will end.
2021-08-13 11:00:55, Info CBS Ending TiWorker finalization.
2021-08-13 11:00:55, Info CBS Ending the TrustedInstaller main loop.
2021-08-13 11:00:55, Info CBS Starting TrustedInstaller finalization.
2021-08-13 11:00:55, Info CBS Lock: Lock removed: WinlogonNotifyLock, level: 8, total lock:6
2021-08-13 11:00:55, Info CBS Ending TrustedInstaller finalization.

jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Re: Prosím o Preventivku

#4 Příspěvek od jsktmk »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 13.08.21
Čas skenování: 11:21
Logovací soubor: cd3693ee-fc17-11eb-bac6-309c23624273.json

-Informace o softwaru-
Verze: 4.4.4.126
Verze komponentů: 1.0.1413
Aktualizovat verzi balíku komponent: 1.0.44094
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19043.1110)
CPU: x64
Systém souborů: NTFS
Uživatel: TOMEK-PC\josef.tomek

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 403891
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 4 min, 20 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Akorát mi vyskočil troják když sem byl tu na webu.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum události ochrany: 13.08.21
Čas události ochrany: 11:16
Logovací soubor: 1c870f9c-fc17-11eb-9c6d-309c23624273.json

-Informace o softwaru-
Verze: 4.4.4.126
Verze komponentů: 1.0.1413
Aktualizovat verzi balíku komponent: 1.0.44094
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19043.1110)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Podrobnosti o zablokovaném webu-
Škodlivý web: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Zablokováno, -1, -1, 0.0.0, ,

-Údaje o webu-
Kategorie: Trojský kůň
Doména: forum.viry.cz
IP Adresa: 89.221.217.81
Port: 443
Typ: Odchozí
Soubor: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



(end)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15364
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o Preventivku

#5 Příspěvek od JaRon »

hlaska je falosna
vloz aktualne logy FRST - docistime :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Re: Prosím o Preventivku

#6 Příspěvek od jsktmk »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2021
Ran by josef.tomek (administrator) on TOMEK-PC (Micro-Star International Co., Ltd. MS-7A34) (13-08-2021 12:16:12)
Running from D:\Downloads
Loaded Profiles: josef.tomek
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(Thales DIS CPL USA, Inc. -> Thales Group) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-07-21] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [1] 1.exe
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Policies\Explorer\DisallowRun: [2] irsetup.exe
HKLM\...\Windows x64\Print Processors\LogMeIn Print Processor: C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll [60416 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\...\Print\Monitors\LogMeIn Printer Port Monitor: C:\Windows\system32\LMIport.dll [35328 2016-01-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\GXSetup.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\Custom\Rayman2.exe: [{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb] -> Rayman 2: The Great Escape GOG Edition
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb [2011-03-17]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\92.0.11264.134\Installer\chrmstp.exe [2021-08-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\Windows\system32\LMIinit.dll [2020-05-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Startup: C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2018-10-02]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> D:\XTREME GAMING ENGINE\autorun.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F931A7-53FB-480E-8961-6AFF4EB69C7E} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2287472 2021-08-03] (Piriform Software Ltd -> Piriform Software)
Task: {05DB93C7-CE46-48A4-9A93-273C4EC9A5A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {151F17B0-6C99-4935-BEB0-6EA4716B24CF} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {1A5E1F78-801E-431E-8948-6548960F36FA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1B17C3CA-8ADB-4CE1-B5F0-0D9368E45518} - System32\Tasks\Opera scheduled assistant Autoupdate 1582725469 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\josef.tomek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2AAC00DC-84AA-464C-BB8C-0B58E8DD302C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D1F1153-FFC8-4B9E-8D01-418B04FB31C0} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
Task: {311240D7-8463-42C1-A848-908D815AEEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {3AF0A177-BC41-496D-8FCA-048E71952038} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {590854D4-F497-4028-9BE0-BE4FFE14D60B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ECAB301-B478-490A-84C0-5A725E2BCBBE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {793EE2E1-AA87-4F46-8898-B752940727F7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79A9F6A7-F4C7-48B8-8119-B4555233FE42} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7D9C328F-CA5B-46A4-BF93-923AE98BD9D4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {8C76EF1F-A2FA-408C-9DD1-77C9A8550496} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9847E2EE-DB9D-4678-910F-7EABF7667AAB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2317344584-338335979-3697871285-500 => C:\Users\josef.tomek\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {985BE318-527E-46D1-A54B-8FD0ADA020D5} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2287472 2021-08-03] (Piriform Software Ltd -> Piriform Software)
Task: {9F53D1CE-9E07-4B9C-BC23-F8547478C204} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8D76F95-3072-4994-BF85-BE3BD83B8079} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B7D2C4E3-BF81-431D-9BAC-CBC35CAD4CBA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BFB1198F-9947-4073-96DE-7F65EABF2982} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5F0127D-C04C-453E-AF78-C3F042BC5E3C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [696016 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA1F09E6-3095-420A-8900-820FD1C907C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [950480 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFA0632-9EDE-481C-AA11-5F47390E358C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [995024 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E42C4F47-FFD9-422E-A4C1-A195474304FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2018-10-01] (Google Inc -> Google Inc.)
Task: {EFBE24DA-07BC-4B26-94A2-6BADE8CFBEB2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3487440 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2E48B34-3A9D-4931-A36A-CAA5A46C7DDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F352E3EE-1F2D-4B68-8E57-92F76AFAA168} - System32\Tasks\Opera scheduled Autoupdate 1550496882 => C:\Users\josef.tomek\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {FA40F41F-9F62-4028-AA00-7B6613E23FF8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855760 2018-09-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FEC1F236-EE00-4B42-AAE7-A1F72AFBC46F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0bfbe3c0-262b-4006-9f83-a8c30be782ca}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{39042313-b12b-4806-bdf6-42a082645fa1}: [DhcpNameServer] 10.107.4.100 10.107.4.129

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\josef.tomek\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-13]

FireFox:
========
FF DefaultProfile: 8kavqy3r.default
FF ProfilePath: C:\Users\josef.tomek\AppData\Roaming\Mozilla\Firefox\Profiles\8kavqy3r.default [2021-08-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-06-08] (Piriform Software Ltd -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default [2021-08-13]
CHR Notifications: Default -> hxxps://aternos.org; hxxps://cs66.divokekmeny.cz; hxxps://cs70.divokekmeny.cz; hxxps://cz.pinterest.com; hxxps://golive.im; hxxps://meet.google.com; hxxps://tabletopia.com; hxxps://teams.microsoft.com; hxxps://www.divokekmeny.cz; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-01]
CHR Extension: (Dokumenty) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-01]
CHR Extension: (Disk Google) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-01]
CHR Extension: (Watch2Gether) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-06-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-23]
CHR Profile: C:\Users\josef.tomek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-12]

Opera:
=======
OPR Profile: C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable [2021-08-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\josef.tomek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-07-02]

Brave:
=======
BRA Profile: C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-08-12]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-07-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-07-21]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-07-13]
BRA Extension: (PDF Viewer) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\josef.tomek\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-07-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\92.0.11264.134\elevation_service.exe [1419240 2021-08-03] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-06-08] (Piriform Software Ltd -> Piriform Software)
S3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606120 2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-09-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FACEITService; C:\Program Files\FACEIT AC\FACEITService.exe [25942472 2021-08-03] (FACE IT LIMITED -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-01-29] (Mixbyte Inc -> Freemake)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [6181600 2020-08-19] (Thales DIS CPL USA, Inc. -> Thales Group)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-13] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10147296 2021-07-21] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-04-02] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-01] (Disc Soft Ltd -> Disc Soft Ltd)
S3 esgiguard; D:\SpyHunter4\SpyHunter\App\SpyHunter\esgiguard.sys [15920 2016-05-19] (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-08-19] (Gemalto, Inc. -> SafeNet, Inc.)
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-30] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-13] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MpKsl6f01eed8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{30608777-F0C9-4E72-8479-4B3967AC9055}\MpKslDrv.sys [123112 2021-08-13] (Microsoft Windows -> Microsoft Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8243528 2021-07-21] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2020-05-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 11:09 - 2021-08-13 11:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-13 11:09 - 2021-08-13 11:09 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-13 11:09 - 2021-08-13 11:09 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-13 11:09 - 2021-08-13 11:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-13 11:09 - 2021-08-13 11:09 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-13 11:09 - 2021-08-13 11:09 - 000002035 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-13 11:09 - 2021-08-13 11:09 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\mbam
2021-08-13 11:09 - 2021-08-13 11:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-13 11:09 - 2021-08-13 11:09 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-12 22:28 - 2021-08-13 12:16 - 000000000 ____D C:\FRST
2021-08-12 22:11 - 2021-08-12 22:11 - 000055818 _____ C:\Users\josef.tomek\Desktop\cc_20210812_221149.reg
2021-08-11 11:55 - 2021-08-11 11:55 - 000000000 ___HD C:\$WinREAgent
2021-08-05 21:49 - 2021-08-05 21:49 - 000000000 ____D C:\Users\josef.tomek\Documents\Assassin's Creed IV Black Flag
2021-08-05 21:47 - 2021-08-05 21:47 - 000000826 _____ C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk
2021-08-05 21:47 - 2021-08-05 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag
2021-08-05 21:36 - 2021-08-05 21:36 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Setup Integrity Check
2021-07-22 15:12 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\LocalLow\Sage_gg s_r_o_
2021-07-22 15:12 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\LocalLow\Sage.gg s.r.o_
2021-07-22 15:08 - 2021-07-22 15:12 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\GitGut
2021-07-22 15:08 - 2021-07-22 15:08 - 000000370 _____ C:\Users\josef.tomek\Desktop\GitGut.ai.appref-ms
2021-07-22 15:08 - 2021-07-22 15:08 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sage.gg s.r.o
2021-07-16 13:24 - 2021-07-16 13:24 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 13:24 - 2021-07-16 13:24 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-16 13:24 - 2021-07-16 13:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 13:24 - 2021-07-16 13:24 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-13 12:15 - 2020-10-31 01:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-13 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-13 12:04 - 2018-10-01 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-13 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-13 11:35 - 2018-10-01 16:24 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Packages
2021-08-13 11:09 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-13 09:56 - 2020-06-19 19:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-08-13 09:53 - 2021-04-10 14:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-08-13 09:52 - 2019-02-26 20:24 - 000000000 ____D C:\ProgramData\Riot Games
2021-08-13 09:24 - 2019-04-10 16:09 - 000000000 ____D C:\Program Files\CCleaner
2021-08-13 09:21 - 2018-10-01 16:12 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-12 22:31 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-12 22:30 - 2020-10-31 01:47 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-12 22:30 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-12 22:30 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-12 22:27 - 2020-06-06 19:50 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-12 22:27 - 2020-06-06 19:50 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-12 22:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-12 22:23 - 2020-10-31 01:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-12 22:23 - 2020-10-31 01:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-12 22:23 - 2018-10-23 14:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-12 22:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-12 22:20 - 2018-10-01 18:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\CrashDumps
2021-08-12 22:17 - 2018-11-12 19:48 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\discord
2021-08-12 22:17 - 2018-11-12 19:48 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Discord
2021-08-12 22:16 - 2020-06-03 21:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2021-08-12 22:15 - 2021-02-06 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2021-08-12 22:15 - 2020-10-31 01:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-08-12 22:15 - 2020-09-21 18:06 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\JetBrains
2021-08-12 22:15 - 2018-12-13 18:37 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-08-12 22:14 - 2019-05-21 16:31 - 000000000 ____D C:\Program Files\FACEIT AC
2021-08-12 22:13 - 2020-06-03 22:57 - 000000000 ____D C:\Program Files\IIS Express
2021-08-12 22:13 - 2020-06-03 22:57 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-08-12 22:13 - 2018-12-13 18:37 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-08-12 22:12 - 2020-06-03 21:46 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Visual Studio Setup
2021-08-12 22:12 - 2019-08-12 17:01 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2021-08-12 22:12 - 2019-08-12 17:00 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\FACEITApp
2021-08-12 22:12 - 2019-05-21 16:31 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\FACEIT
2021-08-12 22:11 - 2020-09-13 16:43 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Spotify
2021-08-12 21:49 - 2020-09-13 16:42 - 000000000 ____D C:\Users\josef.tomek\AppData\Roaming\Spotify
2021-08-12 17:34 - 2021-06-08 19:58 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-08-12 17:34 - 2021-06-08 19:58 - 000002366 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2021-08-12 17:34 - 2021-06-08 19:58 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-08-12 12:00 - 2021-06-03 22:44 - 000000032 _____ C:\Users\josef.tomek\AppData\Roaming\.machineId
2021-08-11 21:36 - 2021-07-09 11:30 - 000004478 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582725469
2021-08-05 21:49 - 2018-10-01 16:36 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\D3DSCache
2021-08-05 10:04 - 2020-10-04 17:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-05 09:59 - 2020-10-31 01:50 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 09:59 - 2020-10-31 01:50 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 11:21 - 2018-10-01 15:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-04 11:12 - 2018-10-01 16:46 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 11:12 - 2018-10-01 16:46 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-31 15:20 - 2020-10-31 01:58 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6af166b8e5672
2021-07-31 15:20 - 2020-10-31 01:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-27 14:35 - 2021-04-23 14:28 - 000001507 _____ C:\Users\josef.tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-07-27 14:35 - 2020-10-31 01:50 - 000004212 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550496882
2021-07-26 11:58 - 2020-06-22 22:17 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\blitz-updater
2021-07-26 11:57 - 2020-11-23 17:44 - 000000000 ____D C:\Users\josef.tomek\AppData\Local\Deployment
2021-07-21 13:22 - 2020-10-31 01:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-18 11:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-17 00:10 - 2020-10-31 01:37 - 000435904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-17 00:08 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-17 00:08 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-16 13:16 - 2018-10-01 16:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 13:14 - 2018-10-01 16:36 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 09:45 - 2020-10-04 17:36 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2020-10-04 17:36 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 01:44 - 2020-10-31 01:39 - 000000000 ____D C:\Users\josef.tomek

==================== Files in the root of some directories ========

2021-06-03 22:44 - 2021-08-12 12:00 - 000000032 _____ () C:\Users\josef.tomek\AppData\Roaming\.machineId
2021-02-07 19:53 - 2021-02-07 19:53 - 000000064 _____ () C:\Users\josef.tomek\AppData\Roaming\changzhi_leidian.data
2020-10-17 22:41 - 2020-10-28 19:35 - 000004665 _____ () C:\Users\josef.tomek\AppData\Roaming\VoiceMeeterDefault.xml
2021-02-03 12:26 - 2021-02-03 12:26 - 000002004 _____ () C:\Users\josef.tomek\AppData\Local\recently-used.xbel
2020-02-13 20:05 - 2020-02-13 20:05 - 000000017 _____ () C:\Users\josef.tomek\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================









Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2021
Ran by josef.tomek (13-08-2021 12:17:16)
Running from D:\Downloads
Windows 10 Pro Version 21H1 19043.1110 (X64) (2020-10-30 23:50:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2317344584-338335979-3697871285-1001 - Administrator - Disabled) => C:\Users\Admin
Administrator (S-1-5-21-2317344584-338335979-3697871285-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2317344584-338335979-3697871285-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2317344584-338335979-3697871285-1000 - Limited - Disabled)
Guest (S-1-5-21-2317344584-338335979-3697871285-501 - Limited - Disabled)
josef.tomek (S-1-5-21-2317344584-338335979-3697871285-1002 - Administrator - Enabled) => C:\Users\josef.tomek
WDAGUtilityAccount (S-1-5-21-2317344584-338335979-3697871285-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.02.0.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 92.0.11264.134 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GitGut.ai (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\b32e79ee6fc1dfdf) (Version: 0.9.0.30 - Sage.gg s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2317344584-338335979-3697871285-500\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Opera Stable 77.0.4054.277 (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Opera 77.0.4054.277) (Version: 77.0.4054.277 - Opera Software)
Rayman 2: The Great Escape GOG Edition (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version: - )
Rayman 3 1.0 (HKLM-x32\...\Rayman 3_is1) (Version: - )
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Spotify (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Spotify) (Version: 1.1.65.643.g2d707698 - Spotify AB)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-2317344584-338335979-3697871285-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WinRAR 5.11 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.9.253.0_x64__rz1tebttyb220 [2021-08-12] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Rozšíření pro video HEVC -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.41531.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2317344584-338335979-3697871285-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\josef.tomek\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-06] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-27] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\
HKU\S-1-5-21-2317344584-338335979-3697871285-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2317344584-338335979-3697871285-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\josef.tomek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\b22c96d8ee01f9e5bd7304cb2509393d.jpeg
HKU\S-1-5-21-2317344584-338335979-3697871285-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2317344584-338335979-3697871285-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62F9457B-9E9E-492D-9CFC-23D147C4AC85}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Thales DIS CPL USA, Inc. -> Thales Group)
FirewallRules: [{31BBB547-9B06-4452-8858-8844490BAE1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB3BEF0D-0A41-4188-B926-4956FC73AFF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B89BFC93-6B40-4D9C-9D68-0B209DC15B9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A9E17D2-F27C-4F0E-B854-95C93BB77ACC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{336E8066-CE45-485F-B367-A0AA8918851E}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
FirewallRules: [TCP Query User{EF9D3B5A-6419-4772-9147-325CAE791F95}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
FirewallRules: [UDP Query User{75C60632-3314-4CE7-B1F3-2492F48A285C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{02CE7997-F4FC-4EB2-82DF-3DCE7A84BB1C}C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josef.tomek\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{8ED0C72D-DA75-4F71-A0BE-B6C314A5E7D5}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{C6CC7E72-14F9-4FF4-9FAB-EBAFF08A1725}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [{A80FBBD3-43E0-4C4F-92D3-7BDAB4F49B72}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839B9FCF-AD23-48A3-A23E-D9BC448980E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14C54888-55E1-43DA-8477-5F22D0A62761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A627E39A-7FE9-41CE-A14B-07B9F3612BE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{31B101C3-7CE3-4377-9CE0-F28AED2EFBEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C3CE40A-1DBE-42BB-B09E-7EDC65355608}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D8042BF-A9B1-4F61-AA9E-ACF4B0E76F35}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFEC4D7F-064A-4058-896E-BD5C1AB848ED}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EC068911-C8D4-464F-BAD2-E71D6F82F4F2}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0F258053-7694-491F-ADFE-E650B3FB61F9}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4A9EE9B7-1A2C-495C-AD61-C56E66E0FEC6}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{80E3CE13-F48B-4353-925C-164A3949AA60}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve -> )
FirewallRules: [{68D666F4-DEB0-4E16-9AAC-14738AB84BB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F9A15747-C756-450C-A4B7-89DB14DFE638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{94EC5158-D328-4FDC-9D28-374B2421ECF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8416B311-D3EC-450E-B353-F2C6E79D20D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{9E28572D-B632-4720-ACB4-0B6D6C5B2F48}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{33E2BE81-E6FE-4CC2-A255-C87F8A14ADB6}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{2A879778-F867-4BC0-871F-FFF1B951693A}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{F1158047-D30B-4031-96D5-DCF1A01DB88B}D:\torrent\utorrent.exe] => (Allow) D:\torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{987319EA-6C5E-43D3-BC01-F33D75CDFC37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [TCP Query User{A16B57FF-81B7-46BD-AE84-D13F46E187D6}D:\games\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{2E11076C-8A4E-4838-AB02-F0506DCDDBE7}D:\games\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{2E1425DC-5F73-4359-8795-5A78F79A9B22}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{B7014848-BACC-40C2-AEEA-1DE4388C4F76}] => (Allow) D:\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{3E488B0D-3DA4-4C1E-8FE1-FCC5503D34D3}] => (Allow) D:\Steam\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [{D455BFAC-414B-40AE-A9A5-7A730C69D12A}] => (Allow) D:\Steam\steamapps\common\HD Poker\HD Poker.exe () [File not signed]
FirewallRules: [TCP Query User{E3D1AFF7-6589-4CA9-9FF6-7F24FA21BFCD}C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{70EF502A-C7E6-4B5A-9D1A-E879317B5BDA}C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\josef.tomek\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04CE87D9-B189-435A-9C19-375F9EE9C29D}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [{03B606CB-4CED-47B8-B53C-D2B7147EA6CA}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [File not signed]
FirewallRules: [TCP Query User{BE267A5F-C7AD-4B7B-A795-E5A6E8B144ED}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{2476D8F9-EB1A-424B-B869-DA56DD951899}D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{DCBC8EE8-5171-4B3A-AB2C-8E18E2E63115}D:\games\stronghold crusader\stronghold crusader.exe] => (Allow) D:\games\stronghold crusader\stronghold crusader.exe () [File not signed]
FirewallRules: [UDP Query User{6E819466-5BBD-4523-81D6-BD9009397D36}D:\games\stronghold crusader\stronghold crusader.exe] => (Allow) D:\games\stronghold crusader\stronghold crusader.exe () [File not signed]
FirewallRules: [TCP Query User{B777C044-E456-44FD-B20F-AA6FCE359A02}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4CD5681C-C827-4DF1-BA63-5C24F8147CC3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{581D09F5-6BD0-42C8-87B6-F3F2584C6ADE}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{81537650-1088-498B-9754-CE7B41A29476}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{7A39D53C-BA75-4CEE-A62F-67977A33442A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C6A0548F-3D8C-4455-8B7D-2FA0D1B38732}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{8734A9D8-3FB6-4CF1-B19D-77A68AA7057A}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{4992BE24-9805-40DE-A7B1-3C86A90D395A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D75931E2-9B0B-44EC-B78B-00AAD0B8C32D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23FE6ADF-F152-42E8-A9D2-C0CF1215C898}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{061C8263-E018-41A5-9F10-44F23D73C3AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7D105F6-445C-4ACE-ACD9-D4641EBD8F32}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:53.24 GB) (48%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/13/2021 12:00:34 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/12/2021 10:23:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x6013e0fe
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1110, časové razítko: 0xc830c52d
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b4b2
ID chybujícího procesu: 0xf2c
Čas spuštění chybující aplikace: 0x01d78fb7e600ed90
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c67b0c2b-3ccc-4b64-81e3-d6837c245e15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/12/2021 10:23:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (08/12/2021 10:20:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vgtray.exe, verze: 1.8.1.246, časové razítko: 0x60d2249f
Název chybujícího modulu: vgtray.exe, verze: 1.8.1.246, časové razítko: 0x60d2249f
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000070114
ID chybujícího procesu: 0x1bc0
Čas spuštění chybující aplikace: 0x01d78f60e7ae3c3d
Cesta k chybující aplikaci: C:\Program Files\Riot Vanguard\vgtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Riot Vanguard\vgtray.exe
ID zprávy: 07a41d29-92b1-4a5d-9852-e039f798b4d2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/12/2021 12:03:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/12/2021 12:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blitz.exe, verze: 1.15.28.466, časové razítko: 0x60fef721
Název chybujícího modulu: blitz_core.node, verze: 0.0.0.0, časové razítko: 0x6113b46f
Kód výjimky: 0xc0000409
Posun chyby: 0x00040dcb
ID chybujícího procesu: 0x1870
Čas spuštění chybující aplikace: 0x01d78f60e8ac06a6
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe
Cesta k chybujícímu modulu: \\?\C:\Users\josef.tomek\AppData\Roaming\Blitz\blitz-deps\1.15.28\blitz_core.node
ID zprávy: 0765b326-dcf0-4b3b-adb5-a6ac20d83684
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2021 11:54:14 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/10/2021 11:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Blitz.exe, verze: 1.15.27.394, časové razítko: 0x60fef721
Název chybujícího modulu: blitz_core.node, verze: 0.0.0.0, časové razítko: 0x610a1436
Kód výjimky: 0xc0000409
Posun chyby: 0x00040d4b
ID chybujícího procesu: 0x26b4
Čas spuštění chybující aplikace: 0x01d78dc45f11c487
Cesta k chybující aplikaci: C:\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe
Cesta k chybujícímu modulu: \\?\C:\Users\josef.tomek\AppData\Roaming\Blitz\blitz-deps\1.15.27\blitz_core.node
ID zprávy: 45be91b6-fa52-4a5f-905c-a7572a838f2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/12/2021 10:27:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {CECDDD22-2E72-4832-9606-A9B0E5E344B2} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/12/2021 10:23:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/12/2021 10:23:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (08/12/2021 10:11:10 PM) (Source: DCOM) (EventID: 10000) (User: TOMEK-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/01/2021 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-08-11 12:18:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8CB2BCBB-3E9F-47ED-B17B-5284B49A15B4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-10 12:11:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {44555551-1835-4D47-B964-63DDC9CDBC8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-09 12:39:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {702228B1-71A3-4475-A809-F6BDD676B928}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-08 14:39:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {209EE9E8-31B9-4F14-854E-341223BB8415}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-08-07 15:17:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {12DAF0C5-08A0-4CC0-AF3E-8A889BF27D18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-06-23 20:17:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Programs\Blitz\Blitz.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.173.0.14\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-06 10:37:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.169.0.24\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-06 09:50:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Users\josef.tomek\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume1\Overwolf\0.169.0.22\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-04 10:41:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.80 09/13/2017
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1500X Quad-Core Processor
Percentage of memory in use: 47%
Total physical RAM: 8147.55 MB
Available physical RAM: 4308.42 MB
Total Virtual: 11731.55 MB
Available Virtual: 6334.02 MB

==================== Drives ================================

Drive c: (Windows 10 Pro) (Fixed) (Total:111.19 GB) (Free:53.24 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:535.67 GB) NTFS

\\?\Volume{b7f65ad0-a3a9-4cd2-8dfc-6d507bc64c65}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{39748896-df0e-43d3-a2b0-a6e90382baec}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15364
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o Preventivku

#7 Příspěvek od JaRon »

citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B7D2C4E3-BF81-431D-9BAC-CBC35CAD4CBA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [UDP Query User{8ED0C72D-DA75-4F71-A0BE-B6C314A5E7D5}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [TCP Query User{C6CC7E72-14F9-4FF4-9FAB-EBAFF08A1725}C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\josef.tomek\appdata\local\programs\blitz\blitz.exe => No File
FirewallRules: [UDP Query User{336E8066-CE45-485F-B367-A0AA8918851E}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
FirewallRules: [TCP Query User{EF9D3B5A-6419-4772-9147-325CAE791F95}C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.2.1\bin\pycharm64.exe => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]


EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Re: Prosím o Preventivku

#8 Příspěvek od jsktmk »

Fixlog.rar
(1.77 KiB) Staženo 46 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15364
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o Preventivku

#9 Příspěvek od JaRon »

Vsetko by malo byt OK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

jsktmk
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 12 srp 2021 21:26

Re: Prosím o Preventivku

#10 Příspěvek od jsktmk »

Ok díky moc <3

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15364
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o Preventivku

#11 Příspěvek od JaRon »

za malo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno