Hi, please check

redneB
Visitor
Posts: 51
Registered: 29 May 2013 12:55

#1 Post by redneB »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-04-2023
Ran by bende (25-04-2023 20:53:30)
Running from C:\Users\bende\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2846 (X64) (2022-05-14 08:34:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3351349204-3615596092-2007429632-500 - Administrator - Disabled)
bende (S-1-5-21-3351349204-3615596092-2007429632-1001 - Administrator - Enabled) => C:\Users\bende
DefaultAccount (S-1-5-21-3351349204-3615596092-2007429632-503 - Limited - Disabled)
ELISKA (S-1-5-21-3351349204-3615596092-2007429632-1004 - Limited - Enabled) => C:\Users\ELISKA
Guest (S-1-5-21-3351349204-3615596092-2007429632-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3351349204-3615596092-2007429632-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.24.12 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.243 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.62_PT_cn_fix - GOG.com)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1973 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
DZSALauncher version 0.0.5.2 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.5.2 - Maca134)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.138 - Google LLC)
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3351349204-3615596092-2007429632-1004\...\OneDriveSetup.exe) (Version: 23.071.0402.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 112.0.1 (x64 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.17 - Rockstar Games)
REDlauncher (HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.70.1389 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 36.0.0 (HKLM\...\SteelSeries GG) (Version: 36.0.0 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 133.0.10702 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.90 - Winamp SA)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-06-18] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2022-06-18] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bende\Desktop\High_resolution_wallpaper_background_ID_77701205834-optimized.jpg
HKU\S-1-5-21-3351349204-3615596092-2007429632-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\ELISKA\Pictures\10847308.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_490520D2F1F4F545C5903DA4B47847C4"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3351349204-3615596092-2007429632-1004\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FF4BCED8-641B-4676-AF06-77DA6905EA81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2EFCF2A0-8DB6-4D2A-A42A-D9156470FDF1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B428FCEE-0023-4C89-8992-5613569F2768}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5E9F939D-0007-4C73-9717-8DA95071A0A0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B784E905-9809-4106-8A15-7B46FDE5E1F7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{926CDE0D-A224-47BE-9233-A5DA2024E1C8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1ABDA98F-FEB5-44E0-AAD1-77C09459716B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{735180CB-1F59-42F4-9ABC-D3E95E3F10B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{129AAB87-1263-461C-9731-E220EEF27A86}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{940B00E5-B155-4C9A-A836-0B44F4FCBD25}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E82AECAB-812C-41C1-B2B3-BA0ED56220FE}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8A0B88F5-CABB-4012-AFA5-2876EB691EC4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B670DF49-78EE-47FB-B617-78E4D3DAAF83}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{970C9FDB-838B-4F6C-93C9-C1FEBA51FD82}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{DC2E7B81-DCD9-4E60-ADA2-E838270BCF1D}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{3F535EC5-967C-4B51-A198-CD2069A782E3}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{C55F8DD6-1FDD-4EB9-BF6D-CD70D8F469D2}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [UDP Query User{D7EE9727-DC08-4C6F-AAB0-49DA35048B9D}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [TCP Query User{90F94129-1D5F-4750-8738-E90E36D15C99}D:\hry\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{7FB616FF-6A7F-4A5E-9ECE-0A3A1F6F47E6}D:\hry\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{5AA1BC5F-E75D-4106-9EFB-79E1EFA7F6BC}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{C0C6453E-FCF5-4E63-942E-9AC19A1C1AE6}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{F0B06053-ACCD-43FD-B8CB-44D34B2013FB}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{987F07F9-5359-4CDF-82AD-1293C82C9D87}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [TCP Query User{ADD07F28-B1E6-4C82-BCC6-F0A530032E3B}D:\steamlibrary\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{37D849EC-A2AE-4339-AAD5-89D286599A64}D:\steamlibrary\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{321FDF87-97AD-460A-919C-6D33930D1618}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{65C90894-99B4-4F0C-B896-02B6A4FE3874}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [TCP Query User{703632EB-052B-45BC-9878-68E63429659E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A64A2C2C-B441-4472-8902-B44B7D7AA353}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FDE314A-39CB-4E07-B5DE-12DC1E3DAF9F}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{C2F4A00E-DA57-466D-A13C-8033DC91F6C7}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{57414F11-6B98-473A-9854-69C7E00FF468}D:\hry\rdr2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr2\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{99D81BCD-DC72-4A9B-BF59-DEA1FE8604A7}D:\hry\rdr2\red dead redemption 2\rdr2.exe] => (Allow) D:\hry\rdr2\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{144E0345-7874-4C9B-8C4C-EE89A54004FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5AF0D0BA-802C-4185-B75E-337D3B45F7CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{42F11B79-E61D-4BF9-A112-40F264701A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{541572B9-28E1-4A9A-A7F0-3BD3B6FDD7D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EC5384E2-9ACB-4EF8-B2FE-C4B8B9B041D0}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{8F9BF7B2-F54D-4460-A29B-FFE7BEEA2CF2}] => (Allow) D:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{BFF05BB2-F586-4B53-913F-1521292B9B04}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4AAF765-355C-44B6-916B-BAAB789BAC28}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C9A20F6-9D48-4DA4-861E-86618D863D7C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{6F66D20C-BFF0-4C4F-BA4C-1B770ACA559F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{D6FE4A7D-38A9-4932-B36A-552FDB4FC839}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{AF0C64D6-CD30-4846-87DE-7AD5E74BC5FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )

==================== Restore Points =========================

13-04-2023 10:43:03 Naplánovaný kontrolní bod
13-04-2023 22:18:24 Instalační služba modulů systému Windows
13-04-2023 22:19:54 Instalační služba modulů systému Windows
22-04-2023 10:25:28 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/25/2023 08:28:26 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_SNOOZED došlo k chybě.

Error: (04/25/2023 08:03:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3212, identifikátor PID ProfSvc: 1244.

Error: (04/25/2023 08:03:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 6008, identifikátor PID ProfSvc: 1244.

Error: (04/25/2023 08:03:41 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe, identifikátor PID: 3228, identifikátor PID ProfSvc: 1244.

Error: (04/23/2023 04:14:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/16/2023 05:42:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/16/2023 05:18:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3368, identifikátor PID ProfSvc: 1416.

Error: (04/16/2023 05:18:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3388, identifikátor PID ProfSvc: 1416.


System errors:
=============
Error: (04/25/2023 10:21:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9127NAV)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/15/2023 08:29:24 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/15/2023 08:29:24 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (04/13/2023 11:30:30 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/13/2023 11:30:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Update neuspěla při spuštění v důsledku následující chyby:
Probíhá vypnutí systému.

Error: (04/12/2023 08:50:05 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (04/12/2023 12:20:33 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-9127NAV)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_38271286 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (04/12/2023 12:20:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_38271286 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================
Date: 2023-04-23 16:05:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {87431E53-AE0D-4660-9F60-91D408C3F404}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-22 09:49:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C520368D-FFFC-49D7-87C4-41D09B171DD7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-16 17:40:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7EDF85FF-CEFB-458D-AA87-1A2B74C85008}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-15 20:41:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3755CD7B-BF56-4225-99D8-BA75772E03D8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-13 12:49:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C22E1573-3EF9-4B9F-857C-F78F035AA0C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-03-07 15:58:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-15 14:56:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume6\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-15 14:56:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume6\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. B.A0 04/24/2017
Motherboard: MSI B150 GAMING M3 (MS-7978)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 25%
Total physical RAM: 16331.71 MB
Available physical RAM: 12131.1 MB
Total Virtual: 19659.71 MB
Available Virtual: 14242.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.28 GB) (Free:40.03 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive d: () (Fixed) (Total:930.94 GB) (Free:561.42 GB) (Model: ST1000DM003-1SB10C) NTFS

\\?\Volume{429f7a68-88cb-42b2-a0b1-20cbf69d3e7e}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{259a2494-d035-4037-81de-20e87953470a}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{5c02a6c1-3429-4adb-b92b-8db57fca97c9}\ () (Fixed) (Total:0.5 GB) (Free:0.1 GB) NTFS
\\?\Volume{1bb05a06-508f-44ea-ba1f-afdeaea343c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: E34A21F3)

Partition: GPT.

==================== End of Addition.txt =======================

redneB
Visitor
Posts: 51
Registered: 29 May 2013 12:55

Re: Hi, please check

#2 Post by redneB »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-04-2023
Ran by bende (administrator) on DESKTOP-9127NAV (MSI MS-7978) (25-04-2023 20:52:17)
Running from C:\Users\bende\Desktop\FRST64.exe
Loaded Profiles: bende
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2846 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCopyAccelerator.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13129552 2023-04-17] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [CL-26-D5F12AA9-6B82-40C4-9FC2-656C2CC72701] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-D5F12AA9-6B82-40C4-9FC2-656C2CC72701\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-26-D5F12AA9-6B82-40C4-9FC2-656C2CC (the data entry has 7 more characters). (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412472 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37103568 2023-04-24] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [480712 2022-06-18] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3351349204-3615596092-2007429632-1001\...\Run: [MicrosoftEdgeAutoLaunch_490520D2F1F4F545C5903DA4B47847C4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139968 2023-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3351349204-3615596092-2007429632-1004\...\MountPoints2: {331b4d2f-e3c9-11ec-88a8-d8cb8ac4ab15} - "F:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03C94316-E42A-4C62-B06B-8C18CD525327} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2C2CEBEA-0C9B-45FA-BF6A-1CB70D5ADDB5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {437C204E-6985-411A-B3E2-342708EE8EA7} - System32\Tasks\CCleanerSkipUAC - bende => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {473DA945-F72E-4778-9569-14C0EC291B8D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4E07E63C-B9EC-4863-91B3-09E667C3302D} - System32\Tasks\GoogleUpdateTaskMachineCore{616FB022-25B4-4A9C-9EB3-29027F950068} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-11] (Google LLC -> Google LLC)
Task: {55FD246E-D4F2-474D-B8EF-82AE4540533D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57CC6BB5-833C-48CE-99CB-0C7F7F39F7F3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EAADFBB-72BA-4916-87A7-86559D32ABA8} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {5F813260-EE90-4EE6-AF1E-E37A153F2538} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {60A24EED-B223-4CE9-BA05-8C0285CC42A2} - System32\Tasks\GoogleUpdateTaskMachineUA{FB87FA58-1013-44F8-9D54-C40E731D3F94} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-11] (Google LLC -> Google LLC)
Task: {9A7D5DF8-FF4A-44CC-A208-ECE7F82D8892} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E65151E-B09B-4172-AECF-C0B4ACB2490E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1C417E9-C4E0-4ACE-9328-320E814979C0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1A59B0E-099E-49B8-B310-19F4A731F928} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3351349204-3615596092-2007429632-1004 => C:\Users\bende\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C1CCEB04-D0E4-4165-AF7C-13F94CC26A2C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3351349204-3615596092-2007429632-1001 => C:\Users\bende\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C74BB016-BC87-40A4-9D67-417A365CF38B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C97C3256-C5CA-4B07-97D0-5DBE1DE9DE34} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CB792A36-50EB-4806-A1EF-F93A50FD289C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d8ea153e-213a-40c0-be4b-ec009263d411" --version "6.11.10435" --silent
Task: {CF2582C9-C37C-4F6C-B3EB-E22E67298CC0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3351349204-3615596092-2007429632-1004 => C:\Users\bende\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {D8CFFC83-8674-4B43-B636-66B1064CABF1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9B4B81A-FF25-4763-B684-C63D339B1AEA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.243\WatchDog.exe [933928 2023-04-07] (Bitdefender SRL -> Bitdefender)
Task: {FD016183-0E72-4BFB-872F-4BF2A1CF1DFF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3351349204-3615596092-2007429632-1001 => C:\Users\bende\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d87dc5e5-66b6-472f-ac18-1ab512b8dd4b}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bende\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-23]
Edge Extension: (Edge relevant text changes) - C:\Users\bende\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-16]

FireFox:
========
FF DefaultProfile: 8wxbvps6.default
FF ProfilePath: C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\8wxbvps6.default [2023-04-25]
FF ProfilePath: C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\eg74b3xp.default-release-1681748771198 [2023-04-25]
FF DownloadDir: D:\Stazeno
FF Session Restore: Mozilla\Firefox\Profiles\eg74b3xp.default-release-1681748771198 -> is enabled.
FF Extension: (To Google Translate) - C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\eg74b3xp.default-release-1681748771198\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-04-18]
FF Extension: (uBlock Origin) - C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\eg74b3xp.default-release-1681748771198\Extensions\uBlock0@raymondhill.net.xpi [2023-04-18]
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR Profile: C:\Users\bende\AppData\Local\Google\Chrome\User Data\Default [2023-04-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\bende\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bende\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2457128 2022-02-10] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2021-01-17] (BattlEye Innovations e.K. -> )
S2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4959176 2022-06-18] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-01-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-11-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-12-09] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-15] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-15] (GOG sp. z o.o -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe [75256 2023-04-15] (Microsoft Corporation -> )
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [75256 2023-04-15] (Microsoft Corporation -> )
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-16] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-16] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [645672 2023-04-07] (Bitdefender SRL -> Bitdefender)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2196464 2023-03-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [285088 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35152 2023-04-17] (SteelSeries ApS -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2022-06-18] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 HidHide; C:\Windows\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
R3 MpKsl8e9a73fa; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{06181BF2-A6D1-4B05-8BC7-B2EFBC9037D6}\MpKslDrv.sys [211208 2023-04-25] (Microsoft Windows -> Microsoft Corporation)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [26480 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [29568 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 SmbIch; C:\Windows\System32\drivers\SmbIch.sys [30248 2020-11-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [42912 2022-07-06] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [497920 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 20:52 - 2023-04-25 20:52 - 000021320 _____ C:\Users\bende\Desktop\FRST.txt
2023-04-25 20:52 - 2023-04-25 20:52 - 000000000 ____D C:\FRST
2023-04-25 20:50 - 2023-04-25 20:50 - 002382336 _____ (Farbar) C:\Users\bende\Desktop\FRST64.exe
2023-04-25 20:43 - 2023-04-25 20:43 - 000429532 _____ C:\ProgramData\cl.uninstall.1682448136.bdinstall.v2.bin
2023-04-25 20:38 - 2023-04-25 20:38 - 000000000 ____D C:\Users\ELISKA\AppData\Roaming\Bitdefender
2023-04-25 20:29 - 2023-04-25 20:29 - 000633316 _____ C:\ProgramData\cl.1682447249.bdinstall.v2.bin
2023-04-25 20:29 - 2023-04-25 20:29 - 000113804 _____ C:\ProgramData\cl.kit.1682447248.bdinstall.v2.bin
2023-04-25 20:29 - 2023-04-25 20:29 - 000000000 ____D C:\Users\ELISKA\AppData\Local\Bitdefender
2023-04-25 20:29 - 2023-04-25 20:29 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-04-25 20:28 - 2023-04-25 20:28 - 000003846 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2023-04-25 20:28 - 2023-04-25 20:28 - 000000000 ____D C:\Windows\system32\elambkup
2023-04-25 20:28 - 2023-04-25 20:28 - 000000000 ____D C:\ProgramData\Gemma
2023-04-25 20:28 - 2023-04-25 20:28 - 000000000 ____D C:\ProgramData\BDLogging
2023-04-25 20:28 - 2023-04-25 20:28 - 000000000 ____D C:\ProgramData\Atc
2023-04-25 20:26 - 2023-04-25 20:26 - 000158092 _____ C:\ProgramData\agent.1682447210.bdinstall.v2.bin
2023-04-25 20:26 - 2023-04-25 20:26 - 000000000 ____D C:\Users\bende\AppData\Local\Bitdefender
2023-04-25 20:26 - 2023-04-25 20:26 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-04-25 20:26 - 2023-04-25 20:26 - 000000000 ____D C:\Program Files\Bitdefender Agent
2023-04-25 20:24 - 2023-04-25 20:24 - 000001554 _____ C:\Users\bende\Desktop\DTShellHlp – zástupce.lnk
2023-04-25 20:24 - 2023-04-25 20:24 - 000001459 _____ C:\Users\bende\Desktop\Origin – zástupce.lnk
2023-04-25 20:19 - 2023-04-25 20:19 - 000001404 _____ C:\Users\bende\Desktop\Ashampoo Burning Studio FREE.lnk
2023-04-25 20:19 - 2023-04-25 20:19 - 000001281 _____ C:\Users\bende\Desktop\aTube Catcher.lnk
2023-04-25 20:19 - 2023-04-25 20:19 - 000000996 _____ C:\Users\bende\Desktop\Steam.lnk
2023-04-25 20:18 - 2023-04-25 20:18 - 000001270 _____ C:\Users\bende\Desktop\Epic Games Launcher.lnk
2023-04-25 20:18 - 2023-04-25 20:18 - 000000886 _____ C:\Users\bende\Desktop\Battle.net.lnk
2023-04-25 08:04 - 2023-04-25 20:16 - 000000000 ____D C:\Users\ELISKA\Desktop\Nová složka
2023-04-25 08:04 - 2023-04-25 08:04 - 000000351 _____ C:\Users\ELISKA\Desktop\Koš – zástupce.lnk
2023-04-18 16:38 - 2023-04-18 16:38 - 000000000 ____D C:\Users\bende\Documents\Command and Conquer 3 Tiberium Wars
2023-04-18 16:35 - 2023-04-18 16:36 - 000000000 ____D C:\Users\bende\AppData\Roaming\Command and Conquer 3 Tiberium Wars
2023-04-18 15:58 - 2023-04-25 20:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-17 18:26 - 2023-04-17 18:26 - 000000000 ____D C:\Users\bende\Desktop\Původní data aplikace Firefox
2023-04-17 15:37 - 2023-04-17 15:37 - 000597797 _____ C:\Users\bende\Documents\new-document.pdf
2023-04-16 09:25 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2023-04-15 21:35 - 2023-04-15 21:35 - 000000000 ____D C:\Users\bende\Documents\StarCraft
2023-04-15 21:35 - 2023-04-15 21:35 - 000000000 ____D C:\Users\bende\AppData\Roaming\Blizzard
2023-04-15 21:34 - 2023-04-15 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
2023-04-15 21:31 - 2023-04-15 21:31 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-04-15 21:30 - 2023-04-16 01:17 - 000000000 ____D C:\Users\bende\AppData\Local\Battle.net
2023-04-15 21:30 - 2023-04-15 21:31 - 000000000 ____D C:\Users\bende\AppData\Roaming\Battle.net
2023-04-15 21:30 - 2023-04-15 21:31 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-04-15 21:30 - 2023-04-15 21:30 - 000000940 _____ C:\Users\ELISKA\Desktop\Battle.net.lnk
2023-04-15 21:30 - 2023-04-15 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-04-15 21:29 - 2023-04-15 21:35 - 000000000 ____D C:\Users\bende\AppData\Local\Blizzard Entertainment
2023-04-15 21:29 - 2023-04-15 21:29 - 000000000 ____D C:\ProgramData\Battle.net
2023-04-13 23:29 - 2023-04-13 23:29 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-04-13 22:18 - 2023-04-13 22:18 - 000000000 ___HD C:\$WinREAgent
2023-04-07 23:34 - 2023-04-07 23:35 - 000000000 ____D C:\Users\bende\AppData\Roaming\IO Interactive
2023-04-04 15:53 - 2023-04-04 15:53 - 000000000 ____D C:\Users\bende\AppData\Roaming\HelloGames
2023-04-02 08:20 - 2023-04-02 08:20 - 000000000 ____D C:\Users\bende\AppData\Roaming\EasyAntiCheat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 20:50 - 2022-05-14 10:38 - 001693136 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-25 20:50 - 2019-12-07 16:43 - 000716726 _____ C:\Windows\system32\perfh005.dat
2023-04-25 20:50 - 2019-12-07 16:43 - 000144904 _____ C:\Windows\system32\perfc005.dat
2023-04-25 20:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-25 20:45 - 2022-07-11 19:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-25 20:44 - 2022-09-29 19:59 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-04-25 20:44 - 2022-09-29 19:59 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-04-25 20:44 - 2022-05-14 11:44 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-04-25 20:44 - 2022-05-14 11:44 - 000000000 ____D C:\Program Files\CCleaner
2023-04-25 20:44 - 2022-05-14 11:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-25 20:43 - 2022-05-14 10:32 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-25 20:43 - 2022-05-14 10:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-25 20:43 - 2022-05-14 10:32 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-25 20:43 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-25 20:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-25 20:43 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-04-25 20:42 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-04-25 10:21 - 2022-09-28 13:34 - 000000000 ____D C:\Users\ELISKA\AppData\Roaming\.minecraft
2023-04-25 08:06 - 2022-09-28 13:37 - 000000000 ____D C:\Users\ELISKA\AppData\Local\D3DSCache
2023-04-25 08:03 - 2022-07-11 19:38 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{FB87FA58-1013-44F8-9D54-C40E731D3F94}
2023-04-25 08:03 - 2022-07-11 19:38 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{616FB022-25B4-4A9C-9EB3-29027F950068}
2023-04-25 08:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-24 22:43 - 2022-05-14 10:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-23 16:20 - 2022-05-14 11:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-23 15:15 - 2022-09-28 13:37 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-22 07:41 - 2022-09-28 13:28 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3351349204-3615596092-2007429632-1004
2023-04-22 07:41 - 2022-09-28 13:28 - 000002384 _____ C:\Users\ELISKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-22 07:31 - 2022-05-14 11:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-22 07:29 - 2022-07-11 19:38 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-22 07:29 - 2022-07-11 19:38 - 000002206 _____ C:\Users\ELISKA\Desktop\Google Chrome.lnk
2023-04-17 18:26 - 2022-05-14 11:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-04-17 18:19 - 2022-05-14 11:50 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-17 15:38 - 2022-05-27 21:21 - 000000000 ____D C:\Users\bende\Documents\My Games
2023-04-17 15:37 - 2022-05-21 22:29 - 000000000 ____D C:\Users\bende\Documents\Rockstar Games
2023-04-16 18:36 - 2022-05-14 18:05 - 000000000 ____D C:\Users\bende\AppData\Roaming\discord
2023-04-16 18:23 - 2022-05-14 18:24 - 000000000 ____D C:\Users\bende\AppData\Local\Discord
2023-04-16 09:27 - 2022-08-09 09:05 - 000000000 ____D C:\ProgramData\Ashampoo
2023-04-16 09:25 - 2022-08-06 12:57 - 000001263 _____ C:\Users\ELISKA\Desktop\aTube Catcher.lnk
2023-04-16 09:25 - 2022-08-06 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2023-04-16 08:53 - 2022-05-14 11:35 - 000000000 ____D C:\Users\bende\AppData\Local\D3DSCache
2023-04-16 01:17 - 2023-03-15 23:37 - 000000000 ____D C:\Users\bende\Desktop\Hry
2023-04-15 22:06 - 2022-07-18 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2023-04-15 21:33 - 2022-07-18 08:52 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2023-04-15 20:29 - 2022-10-25 20:38 - 000079352 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-04-15 20:29 - 2022-10-25 20:38 - 000062968 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-04-15 20:29 - 2022-09-28 10:53 - 002790904 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-04-15 20:29 - 2022-09-28 10:53 - 000484856 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-04-15 20:29 - 2022-09-28 10:53 - 000247248 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-04-15 20:29 - 2022-09-28 10:53 - 000202232 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-04-15 20:29 - 2022-09-28 10:53 - 000165368 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-04-15 20:29 - 2022-09-28 10:53 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-04-14 22:34 - 2022-09-28 13:29 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3351349204-3615596092-2007429632-1004
2023-04-13 23:30 - 2022-05-14 10:32 - 000267672 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-13 23:29 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-13 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-13 22:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-13 22:25 - 2022-05-14 10:36 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-13 22:18 - 2022-05-18 18:37 - 000000000 ____D C:\Windows\system32\MRT
2023-04-13 22:16 - 2022-05-18 18:37 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-12 12:37 - 2022-05-14 10:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-04-11 22:01 - 2022-05-14 11:36 - 000000000 ____D C:\Users\bende\AppData\LocalLow\Mozilla
2023-04-10 21:52 - 2022-08-16 21:37 - 000000000 ____D C:\Users\bende\AppData\Roaming\steelseries-gg-client
2023-04-08 10:14 - 2022-05-18 23:03 - 000000000 ____D C:\Users\bende\AppData\Local\CrashDumps
2023-04-06 20:38 - 2022-05-14 18:05 - 000002231 _____ C:\Users\bende\Desktop\Discord.lnk
2023-04-05 13:28 - 2022-09-28 10:53 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{65134AD8-A000-4774-8083-F6B7B14D5907}
2023-04-05 13:28 - 2022-09-28 10:53 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{5768A352-004E-4C98-B5CD-9B96C2DC5514}
2023-04-02 09:26 - 2022-09-28 13:23 - 000000000 ____D C:\Users\ELISKA\AppData\Local\Packages
2023-04-01 22:06 - 2022-11-24 10:00 - 000028806 _____ C:\Users\bende\Documents\cc_20221124_090035.reg
2023-04-01 22:05 - 2023-03-08 17:18 - 000000000 ____D C:\Users\bende\AppData\Roaming\TeamViewer
2023-04-01 22:05 - 2022-08-27 18:30 - 000000000 ____D C:\Users\bende\AppData\Local\Ubisoft Game Launcher
2023-03-29 20:15 - 2022-05-14 12:08 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2022-11-20 00:40 - 2022-11-20 00:40 - 152252072 _____ () C:\Users\bende\AppData\Roaming\gta5_patch.bin
2022-09-03 22:18 - 2022-09-03 22:18 - 000332800 _____ () C:\Users\bende\AppData\Roaming\patcher.dll
2022-05-19 17:55 - 2022-05-19 17:55 - 000007601 _____ () C:\Users\bende\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Hi, please check

#3 Post by JaRon »

Hi,
you can scan with MBAM as a precaution - I don't see anything unusual there :James008:
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

redneB
Visitor
Posts: 51
Joined: 29 May 2013 12:55

Re: Hi, please check

#4 Post by redneB »

Firefox acted up on me a few times. But it was probably a problem on their end.
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 02.05.23
Čas skenování: 15:41
Logovací soubor: 08e09fe6-e8ef-11ed-8812-d8cb8ac4ab15.json

-Informace o softwaru-
Verze: 4.5.24.248
Verze komponentů: 1.0.1952
Aktualizovat verzi balíku komponent: 1.0.68900
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19044.2846)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-9127NAV\bende

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 338351
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 2 min, 20 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Hi, please check

#5 Post by JaRon »

I think it's OK for now

redneB
Visitor
Posts: 51
Joined: 29 May 2013 12:55

Re: Hi, please check

#6 Post by redneB »

OK, thanks for the help.

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Hi, please check

#7 Post by JaRon »

You're welcome :)

Locked