Po naběhnutí pc se sama otevře firefox

Zpráva

Gudi · #1 Příspěvek od **Gudi** » 25 lis 2021 21:32

Dobrý den,
prosím o pomoc po zapnutí pc sám naskočí Firefox. A otevře dvě stránky. http://usfinf.net/-81172IPRA/ykT?rndad= ... 1637870423 a http://gestyy.com/w6AWMd .
Je to i v rozšíření v prohlížeči ale po deaktivaci se samo aktivuje. Předem mockrát děkuji.

Gudi · #2 Příspěvek od **Gudi** » 25 lis 2021 21:32

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2021
Ran by bende (25-11-2021 21:25:54)
Running from C:\Users\bende\OneDrive\Plocha
Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) (2021-02-10 17:05:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4041882816-197501499-3392744314-500 - Administrator - Disabled)
bende (S-1-5-21-4041882816-197501499-3392744314-1001 - Administrator - Enabled) => C:\Users\bende
DefaultAccount (S-1-5-21-4041882816-197501499-3392744314-503 - Limited - Disabled)
Guest (S-1-5-21-4041882816-197501499-3392744314-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4041882816-197501499-3392744314-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.21.5 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1679 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Disney princezna - Moje pohádkové dobrodružství verzia 1.0 (HKLM-x32\...\Disney princezna - Moje pohádkové dobrodružství_is1) (Version: 1.0 - CzTorrent.net)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 - Čeština (HKLM-x32\...\{128B0EF8-7109-4709-A619-57607BE524BB}) (Version: 1.0.1 - prekladyher.eu)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.12 (x86) (HKLM-x32\...\{802fde85-84c2-447a-9da5-c3bb0d312ea2}) (Version: 5.0.12.30623 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.2 (x64 en-US)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
Nefarius Software Solutions e.U. HidHide (x64) (HKLM\...\{B62A2DE2-E6A8-438B-B05B-6E9287A0191D}) (Version: 1.0.30.0 - Nefarius Software Solutions e.U.)
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.105.49133 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Swifty (HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Swifty3) (Version: 3.3.0 - Swifty)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-09] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-05-21 20:04 - 2021-05-21 20:04 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-05-21 20:04 - 2021-05-21 20:04 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-05-21 20:04 - 2021-05-21 20:04 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-10 14:01 - 2021-05-21 20:04 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4041882816-197501499-3392744314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bende\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\73110.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "EnlistedLauncher"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\StartupApproved\Run: => "Battle.net"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6FA869A5-684B-4A54-B540-3EDC12CB1C55}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CC669F34-73DC-4DC2-9DD1-63D69CC599C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DB9A6F9F-AD30-484E-BE58-3264B005EAA4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45FA3C9C-20FD-4BFC-B007-AEBC315AD7EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{58528389-8FED-4828-8A97-5B05A2113535}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6DE40AA3-4055-4215-A6D5-9A96275E2B45}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E22D99EC-D978-400D-A082-739178E164A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{5316EC66-7357-4783-A9AC-B50BD775B129}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{18397840-4F00-4E91-B08A-0BCF6174E547}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{4A3619A4-4BB1-4876-AC10-85C25CFDA059}] => (Allow) D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{B4384610-C979-44F6-8E85-77847BC6939A}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{FB978A68-7DA6-4D49-B207-648C12F2FF70}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{F1B1D026-11B4-4515-B48E-65113D052C85}D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{0F963299-D749-4449-B283-EC4712B99FF7}D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{BD6A07A1-3D3D-4732-9224-C6EE3307460C}D:\hry\the crew (worldwide)\thecrew.exe] => (Allow) D:\hry\the crew (worldwide)\thecrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [UDP Query User{9C9F8F7A-9696-4241-8EC0-7B1DCCF99989}D:\hry\the crew (worldwide)\thecrew.exe] => (Allow) D:\hry\the crew (worldwide)\thecrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [{387BAC48-97F3-42C5-88A7-779611BBEE6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{36087A9F-3EC4-4C2C-A0AA-44F674ACDAA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BBA74761-F74A-4CD8-860F-077FDAFB63C8}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{8D98305F-E96F-4F95-852E-27954ED81441}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{4E64CF70-2CE6-4D9C-BB2A-1DE6FA6A5EFC}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{7875D700-0E5A-4FAD-BE18-7AF71BE4E2AA}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{C4278CD1-0B52-4084-B8CF-E56E30E66C1B}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{E1F27FBC-0680-4FE3-8C8A-9A5AB97D45AE}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{8FE9D555-860A-4CC3-8EE5-F0546F5D5165}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{D2E70F5A-A155-4751-894C-E50FC20FCE32}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{07C45B9C-F3D2-49D2-9105-C07D4FD073D3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4279C6DF-F883-4DD4-B39E-EB0CC681BCF2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0043D832-FE47-4667-899B-D1167B0274B1}D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{9C6003F3-DFEE-41AC-9D87-8DAAB3B74C57}D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) D:\epic\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{B7AD3AE8-9784-4715-81B9-0DD916DB6294}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{9ED9D4DA-5B76-4BB4-87F7-DC7A7173DC7F}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{AF37EB70-2E03-4830-9D9A-2BE7D12FA7EE}D:\battle.net\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{695E404E-7B7D-4E1E-BA01-2A9426482EE8}D:\battle.net\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{32CFA130-4CD5-4D2D-A22B-8FE61EA02D43}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{A686BD2F-C201-4B1B-B3E6-E7FB3F4F7403}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{18D6B466-3FC8-4D64-94A9-6B746B3F48B8}D:\steamlibrary\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) D:\steamlibrary\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{5A6480D8-EBA9-4B52-BF6F-30EF462F0969}D:\steamlibrary\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) D:\steamlibrary\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{B7EA44C1-441B-495F-84D4-050D5D1B5275}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{D6271A7D-335A-43B8-B040-C7F02BBE6FE8}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{32920155-0723-4743-9D83-FA2A017B537E}D:\battle.net\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{A836BA08-0ECB-42B5-97A0-C7DF40072528}D:\battle.net\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{6758F8D6-E3C4-4B30-A2BB-8C59FD18D9F9}D:\epic\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\epic\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{B0DB3D87-C03B-44B6-AE28-06FAD6EB0956}D:\epic\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\epic\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{7051CC0F-0D83-4A16-92FB-1C6A987D5D0A}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\Blitzkrieg Launcher.exe (Wolf) [File not signed]
FirewallRules: [{93A107F8-A6F2-4045-92EE-2EA50BFFC93E}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\Blitzkrieg Launcher.exe (Wolf) [File not signed]
FirewallRules: [TCP Query User{C37CB6F5-8A86-47C3-B552-BED7970EBDA6}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3B9BA635-8E0A-47A7-B449-6CDD7CCE8A43}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3A782E08-1A85-45B9-8108-B1D10BD8D9C4}D:\stazeno\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Allow) D:\stazeno\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe () [File not signed]
FirewallRules: [UDP Query User{A6DBA6AD-5154-4E2A-B2F4-84BE2318AA1F}D:\stazeno\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Allow) D:\stazeno\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe () [File not signed]
FirewallRules: [{A21870C3-1ABB-4C60-9064-AE36585AD5A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{352BA2E0-EC3C-4492-B329-726D369779F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C9A35D9-2166-41B3-913B-0093358263B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5290BAF4-206C-4D01-A34E-61CBE068A378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{819DC7EB-EEBE-4C0C-8F0F-D38B0C722363}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{496CF0F3-04D0-4041-84F8-55A279B63F90}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.28 GB) (Free:57.6 GB) (52%)

==================== Faulty Device Manager Devices ============

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič PCI pro získávání dat a zpracování signálu
Description: Řadič PCI pro získávání dat a zpracování signálu
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Řadič paměti na sběrnici PCI
Description: Řadič paměti na sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (11/21/2021 08:28:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/15/2021 02:55:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: DS4Windows.exe
Path: C:\Users\bende\AppData\Local\Temp\Rar$EXa2028.20044\DS4Windows\DS4Windows.exe
Message: A fatal error occurred. The required library hostfxr.dll could not be found.
If this is a self-contained application, that library should exist in [C:\Users\bende\AppData\Local\Temp\Rar$EXa2028.20044\DS4Windows\].
If this is a framework-dependent application, install the runtime in the global location [C:\Program Files (x86)\dotnet] or use the DOTNET_ROOT(x86) environment variable to specify the runtime location or register the runtime location in [HKLM\SOFTWARE\dotnet\Setup\InstalledVersions\x86\InstallLocation].

The .NET runtime can be found at:
- https://aka.ms/dotnet-core-applaunch?mi ... sion=5.0.8

Error: (11/15/2021 02:51:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ForzaHorizon4.exe verze 1.472.876.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 11e8

Čas spuštění: 01d7da26e1683ac8

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Stazeno\Forza.Horizon.4.Ultimate.Edition.Steam.Rip-InsaneRamZes\ForzaHorizon4\ForzaHorizon4.exe

ID hlášení: 64bd2147-4dd3-489b-855f-628dc9f51463

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (11/13/2021 10:35:13 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/06/2021 08:27:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/05/2021 08:31:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WaaSMedicAgent.exe, verze: 10.0.19041.1165, časové razítko: 0x0ca0147c
Název chybujícího modulu: WaaSMedicCapsule.dll, verze: 10.0.19041.1165, časové razítko: 0x24a8d17e
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000aea2
ID chybujícího procesu: 0xa08
Čas spuštění chybující aplikace: 0x01d7d27b6023cfc5
Cesta k chybující aplikaci: C:\Windows\System32\WaaSMedicAgent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\WaaSMedicCapsule.dll
ID zprávy: 8f0fd572-34c6-4f3c-9d43-ada64b3f2d15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2021 08:28:40 PM) (Source: BugSplat) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/11/2021 08:44:25 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

System errors:
=============
Error: (11/25/2021 08:48:38 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-D2U68EA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/25/2021 08:45:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/25/2021 08:45:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (11/24/2021 08:45:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba RasMan závisí na službě SstpSvc, která neuspěla při spuštění v důsledku následující chyby:
Operace byla dokončena úspěšně.

Error: (11/24/2021 08:44:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:19:43, ‎24.‎11.‎2021) bylo neočekávané.

Error: (11/24/2021 10:19:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:10:09, ‎24.‎11.‎2021) bylo neočekávané.

Error: (11/20/2021 10:25:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D2U68EA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/20/2021 07:31:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Windows Defender:
================
Date: 2021-11-21 21:36:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EDAA9D88-5776-4E59-A375-51E50461A842}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-16 18:43:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {992458D0-952C-466B-8F71-946DB24F1E4E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-11 09:59:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6D2B78BE-E6CD-427D-8FEF-A93D4E9FA980}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-06 22:25:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF46117B-4FCF-492A-B0D9-FC2413478BB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-02 21:47:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E44A80C4-A4E3-4B9B-A6A1-54EB5484B1A2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. B.A0 04/24/2017
Motherboard: MSI B150 GAMING M3 (MS-7978)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8139.71 MB
Available physical RAM: 5560.78 MB
Total Virtual: 14539.71 MB
Available Virtual: 11375.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.28 GB) (Free:57.6 GB) NTFS
Drive d: () (Fixed) (Total:930.94 GB) (Free:284.47 GB) NTFS

\\?\Volume{429f7a68-88cb-42b2-a0b1-20cbf69d3e7e}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{259a2494-d035-4037-81de-20e87953470a}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{5c02a6c1-3429-4adb-b92b-8db57fca97c9}\ () (Fixed) (Total:0.5 GB) (Free:0.1 GB) NTFS
\\?\Volume{1bb05a06-508f-44ea-ba1f-afdeaea343c7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: E34A21F3)

Partition: GPT.

==================== End of Addition.txt =======================

Gudi · #3 Příspěvek od **Gudi** » 25 lis 2021 21:33

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021
Ran by bende (administrator) on DESKTOP-D2U68EA (MSI MS-7978) (25-11-2021 21:24:56)
Running from C:\Users\bende\OneDrive\Plocha
Loaded Profiles: bende
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-11-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33530336 2021-11-13] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4041882816-197501499-3392744314-1001\...\Run: [Battle.net] => D:\Battle.net\Battle.net.exe [1079184 2021-08-15] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-24] () [File not signed] <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1D217C5D-930E-46E8-8F4C-F1C93CD1CE16} - System32\Tasks\CCleanerSkipUAC - bende => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2B75B1CB-70D1-49CD-A105-7AA4524017E3} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {34A953B9-9420-4ED8-8E5D-BB7C8B42ECEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35FF2BAB-E7A0-4467-BEDB-E3CE11A145F1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4058436B-2E6E-4682-A971-F7D5274ACE00} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {446F211B-74CD-41B7-A8B8-04D1DF3A226D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4775F61C-E545-4C4F-A3B3-C1A5B6CFE353} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5907F243-2735-48E5-8B55-0AC80A577340} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68D3F5C7-50B1-4981-B9EF-19E45F518017} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {6DB6B0D8-EAD0-43F5-8571-AB8742FA56E4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76330C20-68A0-4A4C-AB17-C95D37C58A8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {796C0BC1-3EE1-4FA2-A7E5-EEBF14930DE5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8BBDCE06-7D70-4E25-88C9-5FE0B518E467} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F6FFBBD-8025-43A9-BF4F-6B4069F9A1CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98D31746-69BA-4E0F-BC7C-9FC040EE4CF6} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4041882816-197501499-3392744314-500 => C:\Users\bende\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B7E1FD0B-761C-4E8C-9AC4-1476763F9259} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C424AAE5-30BB-4251-B631-38F4178ED844} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D09C988E-E2C6-4EAE-86FC-AD0AD43B144B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {DD907E79-15CD-4517-AB3F-290CD5B03003} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{adba39a8-bb32-4ea1-8e90-a53df4b33916}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\bende\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-25]

FireFox:
========
FF DefaultProfile: xdwqtf6c.default
FF ProfilePath: C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\xdwqtf6c.default [2021-02-10]
FF ProfilePath: C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\5avqvqg1.default-release [2021-11-25]
FF DownloadDir: D:\Stazeno
FF Session Restore: Mozilla\Firefox\Profiles\5avqvqg1.default-release -> is enabled.
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\5avqvqg1.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\5avqvqg1.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-11-06]
FF Extension: (No Name) - C:\Users\bende\AppData\Roaming\Mozilla\Firefox\Profiles\5avqvqg1.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-02-11] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-05-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-10-01] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [59360 2021-02-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 HidHide; C:\Windows\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-25 21:24 - 2021-11-25 21:25 - 000000000 ____D C:\FRST
2021-11-24 21:00 - 2021-11-24 22:22 - 000000000 ____D C:\Users\bende\OneDrive\Dokumenty\GTA San Andreas User Files
2021-11-24 20:57 - 2021-11-24 20:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-24 20:56 - 2021-11-24 20:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-11-24 20:56 - 2021-11-24 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2021-11-24 20:45 - 2021-11-25 20:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-15 14:57 - 2021-11-15 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nefarius Software Solutions e.U
2021-11-15 14:57 - 2021-11-15 14:57 - 000000000 ____D C:\Program Files\Nefarius Software Solutions e.U
2021-11-15 14:57 - 2021-11-15 14:57 - 000000000 ____D C:\Program Files\Nefarius Software Solutions
2021-11-15 14:56 - 2021-11-15 14:56 - 000000000 ____D C:\Program Files (x86)\dotnet
2021-11-11 20:59 - 2021-11-11 20:59 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-11 20:58 - 2021-11-11 20:58 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-11 20:58 - 2021-11-11 20:58 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-11 20:58 - 2021-11-11 20:58 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-11 20:52 - 2021-11-11 20:52 - 000000000 ___HD C:\$WinREAgent
2021-11-07 09:12 - 2021-11-07 09:12 - 000000000 ____D C:\Users\bende\AppData\Roaming\Ashampoo
2021-11-07 09:11 - 2021-11-07 09:12 - 000000000 ____D C:\Users\bende\AppData\Local\ashampoo
2021-11-07 09:11 - 2021-11-07 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2021-11-07 09:11 - 2021-11-07 09:11 - 000000000 ____D C:\ProgramData\Ashampoo
2021-11-07 09:11 - 2021-11-07 09:11 - 000000000 ____D C:\Program Files (x86)\Ashampoo

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-25 21:24 - 2021-02-10 18:16 - 000000000 ____D C:\Users\bende\AppData\LocalLow\Mozilla
2021-11-25 21:07 - 2020-11-19 00:55 - 001693568 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-25 21:07 - 2019-12-07 15:43 - 000716874 _____ C:\Windows\system32\perfh005.dat
2021-11-25 21:07 - 2019-12-07 15:43 - 000145052 _____ C:\Windows\system32\perfc005.dat
2021-11-25 21:07 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-11-25 21:02 - 2021-02-16 20:05 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-25 21:02 - 2021-02-10 19:11 - 000000000 ____D C:\Program Files\CCleaner
2021-11-25 21:01 - 2021-02-10 18:16 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-25 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-25 21:00 - 2021-02-10 18:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-25 21:00 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-25 21:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-11-25 20:59 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-25 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-25 20:50 - 2021-02-10 19:11 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-11-25 20:49 - 2021-02-10 18:29 - 000000000 ____D C:\Program Files (x86)\Steam
2021-11-25 20:49 - 2021-02-10 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-25 20:48 - 2021-07-08 20:00 - 000007276 _____ C:\Users\bende\OneDrive\Dokumenty\cc_20210708_210035.reg
2021-11-25 20:48 - 2021-02-10 19:34 - 000000000 ____D C:\Users\bende\AppData\Roaming\TS3Client
2021-11-25 20:46 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 20:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-24 22:40 - 2021-02-10 18:09 - 000000000 ____D C:\Users\bende
2021-11-24 21:11 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-24 21:01 - 2019-12-07 10:10 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2021-11-24 21:01 - 2019-12-07 10:10 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2021-11-24 21:01 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2021-11-24 21:01 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000494592 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2021-11-24 21:01 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2021-11-24 21:01 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2021-11-24 20:57 - 2021-02-10 18:16 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-24 20:44 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-20 19:31 - 2021-02-10 18:13 - 000000000 ____D C:\Users\bende\AppData\Local\Packages
2021-11-20 19:31 - 2020-11-19 00:50 - 000000000 ____D C:\ProgramData\Packages
2021-11-18 20:31 - 2020-11-19 00:48 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 20:31 - 2020-11-19 00:48 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-16 18:43 - 2021-03-28 20:54 - 000000000 ____D C:\Users\bende\AppData\Local\ElevatedDiagnostics
2021-11-15 14:56 - 2021-02-10 18:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-11 22:32 - 2020-11-18 23:46 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-11 22:31 - 2021-05-21 21:00 - 000000000 ____D C:\Windows\en-GB
2021-11-11 22:31 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-11 22:31 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-11 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-11 22:31 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-11-11 20:52 - 2021-02-12 11:04 - 000000000 ____D C:\Windows\system32\MRT
2021-11-11 20:51 - 2021-02-12 11:04 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-05 20:32 - 2020-11-19 00:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-29 19:42 - 2021-09-26 09:10 - 000000000 ____D C:\Users\bende\AppData\Roaming\discord
2021-10-29 19:38 - 2021-09-26 09:10 - 000000000 ____D C:\Users\bende\AppData\Local\Discord

==================== Files in the root of some directories ========

2021-03-02 08:33 - 2021-03-02 08:33 - 000007597 _____ () C:\Users\bende\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#4 Příspěvek od **Rudy** » 25 lis 2021 22:00

Zdravím!
Smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat

Gudi · #5 Příspěvek od **Gudi** » 25 lis 2021 22:04

Hotovo.

#6 Příspěvek od **Rudy** » 26 lis 2021 10:23

Už se problém ztratil?

Gudi · #7 Příspěvek od **Gudi** » 26 lis 2021 17:51

Vypadá vše v pořádku. Mockrát děkuji.

#8 Příspěvek od **Rudy** » 26 lis 2021 17:52

Rádo se stalo!

VIRY.CZ

Po naběhnutí pc se sama otevře firefox

Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox

Re: Po naběhnutí pc se sama otevře firefox