reklama po startu systému

Zpráva

Haltaa · #1 Příspěvek od **Haltaa** » 10 dub 2022 15:19

Dobrý den, nedávno jsem půjčil bratranci NTB na pár dní. Prý si něco stáhnul a nainstaloval, netuším co(hru?).. Od té doby se mi po nastartování systému otevře prohlížeč a otevřou se 2 panely s reklamou. Co je to za reklamu netuším, mám adblock a tak vidím dvě bílé stránky. Budu rád za pomoc. Jedná se o prohlížeč Firefox.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2022 01
Ran by karel (administrator) on DESKTOP-CQ5VBUJ (LENOVO 80E5) (10-04-2022 16:03:22)
Running from C:\Users\karel\Desktop
Loaded Profiles: karel
Platform: Microsoft Windows 10 Home Version 21H2 19044.1586 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\karel\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-22] () [File not signed] <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A48DB4-9CC9-4EB9-8BD5-769716172C67} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1225251027-1679250536-123389074-1001 => C:\Users\karel\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {5865B7E6-728A-410D-BDE6-C49F1153CA13} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {663EFD5A-5861-4471-9ABA-9FDDFC382AF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72B50FF6-0A92-4A2C-9C1D-E662A26BFE70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86D064E0-E17C-4A79-8AF1-963659766354} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9EFF2394-DB29-4484-A04A-ED045A5573D6} - System32\Tasks\infatica_p2b => C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe [19056 2021-04-29] (Infatica pte ltd -> )
Task: {DABAAAD5-9BBE-49FA-8A6D-06AC3D8A3002} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10385288 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E233EA5F-E235-4E10-9456-D2D1DA38165B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EA32247A-8ABB-44A5-82A5-6747E5538FC3} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
Task: {F41DAE04-D47A-4FDB-BE49-F088B9D96E90} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [110660344 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {F83E9EF8-9956-49CF-A8EB-8D625B3D8577} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
Task: {FCECFE7A-A40B-4BB4-86C8-517711F35721} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 8.8.8.8
Tcpip\..\Interfaces\{80ee4cd9-f024-4731-84a1-3d6de9e84035}: [DhcpNameServer] 192.168.0.1 8.8.8.8

Edge:
=======
Edge Profile: C:\Users\karel\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]

FireFox:
========
FF DefaultProfile: jjm14yst.default
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\jjm14yst.default [2021-10-29]
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release [2022-04-10]
FF DownloadDir: E:\Downloads
FF Homepage: Mozilla\Firefox\Profiles\o6qjs5uk.default-release -> www.seznam.cz
FF Extension: (Facebook Container) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\@contain-facebook.xpi [2022-03-18]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\firefox@ghostery.com.xpi [2022-02-11]
FF Extension: (Linkificator) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\linkificator@markapola.xpi [2021-10-29]
FF Extension: (Titulky++) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\titulkyplus@idzor.cf.xpi [2022-03-15]
FF Extension: (uBlock Origin) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-04-08]
FF Extension: (Text Link) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2021-12-21]
FF Extension: (Return YouTube Dislike) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2022-01-11]
FF Extension: (Video DownloadHelper) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-11-10]
FF Extension: (No Name) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24]
FF Extension: (Dark Fox) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\o6qjs5uk.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-10-29]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1225251027-1679250536-123389074-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1225251027-1679250536-123389074-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-1225251027-1679250536-123389074-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 MagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [348728 2021-09-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 16:03 - 2022-04-10 16:04 - 000015723 _____ C:\Users\karel\Desktop\FRST.txt
2022-04-10 16:03 - 2022-04-10 16:03 - 000000000 ____D C:\FRST
2022-04-10 16:01 - 2022-04-10 16:01 - 002365440 _____ (Farbar) C:\Users\karel\Desktop\FRST64.exe
2022-04-06 17:54 - 2022-04-06 17:54 - 000000000 ____D C:\Users\karel\AppData\Roaming\MPC-HC
2022-04-06 15:53 - 2022-04-06 15:53 - 000000000 ____D C:\Users\karel\AppData\Local\Tvsukernel
2022-04-05 15:39 - 2022-04-05 15:39 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2022-04-05 15:39 - 2022-04-05 15:39 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-04-05 15:38 - 2022-04-06 17:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-22 15:27 - 2022-03-22 15:27 - 000000000 ____D C:\ProgramData\Caphyon
2022-03-22 14:33 - 2022-03-22 14:33 - 001941203 _____ C:\Users\karel\Desktop\ba_sqr2_05_14_am1_parallel_cs.pdf
2022-03-22 14:33 - 2022-03-22 14:33 - 001089890 _____ C:\Users\karel\Desktop\document.pdf
2022-03-14 16:45 - 2022-03-14 16:45 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-14 16:45 - 2022-03-14 16:45 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-14 16:45 - 2022-03-14 16:45 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-14 16:45 - 2022-03-14 16:45 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-14 16:45 - 2022-03-14 16:45 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-14 16:37 - 2022-03-14 16:37 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 15:30 - 2022-02-10 15:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-10 15:29 - 2021-10-29 17:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-10 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-10 10:56 - 2021-10-29 21:11 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7ccdd39077342
2022-04-10 10:56 - 2021-10-29 17:56 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-10 10:55 - 2021-10-29 11:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-04-10 10:55 - 2021-10-29 11:00 - 000000000 __SHD C:\Users\karel\IntelGraphicsProfiles
2022-04-09 09:33 - 2021-10-29 10:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-09 09:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-09 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-08 21:25 - 2021-10-29 12:01 - 000000000 ____D C:\Users\karel\AppData\Roaming\discord
2022-04-08 21:11 - 2021-10-29 12:01 - 000000000 ____D C:\Users\karel\AppData\Local\Discord
2022-04-08 17:25 - 2021-10-29 17:56 - 001607418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-08 17:25 - 2019-12-07 16:41 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-08 17:25 - 2019-12-07 16:41 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-08 17:25 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-08 17:21 - 2021-10-29 10:44 - 000000000 ____D C:\Users\karel\AppData\LocalLow\Mozilla
2022-04-08 17:20 - 2021-10-29 17:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-08 17:20 - 2021-10-29 17:52 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-08 17:20 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-08 16:06 - 2021-10-29 10:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-07 15:43 - 2021-10-29 14:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 17:51 - 2021-10-29 10:51 - 000000000 ____D C:\WINDOWS\TempInst
2022-04-06 17:51 - 2021-10-29 10:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 15:52 - 2021-10-29 10:51 - 000000000 ____D C:\ProgramData\Lenovo
2022-04-05 16:24 - 2021-10-29 12:41 - 000000000 _____ C:\end
2022-04-05 16:05 - 2021-10-29 12:41 - 000001764 _____ C:\nsispromotion_log.txt
2022-04-05 16:04 - 2021-10-29 17:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-05 16:04 - 2021-10-29 10:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-05 15:39 - 2021-10-29 17:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2022-04-05 15:39 - 2021-10-29 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2022-04-04 16:56 - 2021-10-29 12:26 - 000000000 ____D C:\Users\karel\AppData\Roaming\qBittorrent
2022-04-02 15:49 - 2021-10-29 18:01 - 000000000 ____D C:\Users\karel\AppData\Local\D3DSCache
2022-03-23 21:13 - 2021-10-29 14:11 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-10-29 14:11 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-14 18:05 - 2021-10-29 17:52 - 000456832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-14 18:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-14 18:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-14 16:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-14 16:45 - 2021-10-29 17:53 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 17:02 - 2021-10-29 15:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 17:00 - 2021-10-29 15:17 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-10-29 14:15 - 2021-10-29 14:15 - 000000017 _____ () C:\Users\karel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-04-2022 01
Ran by karel (10-04-2022 16:05:08)
Running from C:\Users\karel\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1586 (X64) (2021-10-29 15:56:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1225251027-1679250536-123389074-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1225251027-1679250536-123389074-503 - Limited - Disabled)
Guest (S-1-5-21-1225251027-1679250536-123389074-501 - Limited - Disabled)
karel (S-1-5-21-1225251027-1679250536-123389074-1001 - Administrator - Enabled) => C:\Users\karel
WDAGUtilityAccount (S-1-5-21-1225251027-1679250536-123389074-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Call of Duty 2 CZ (HKLM-x32\...\Call of Duty 2 CZ 1.3) (Version: 1.3 - Activision)
Discord (HKU\S-1-5-21-1225251027-1679250536-123389074-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.75.5339 - GOM & Company)
Infatica P2B Network (HKLM-x32\...\{043C71DF-992B-4A8C-B584-DE65480802F8}_is1) (Version: 1.0.5.1 - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
K-Lite Codec Pack 16.5.3 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.5.3 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.41.0.154 - LENOVO (UNITED STATES) INC.)
Lenovo Service Bridge (HKU\S-1-5-21-1225251027-1679250536-123389074-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0136 - Lenovo)
LibreOffice 7.2.2.2 (HKLM\...\{51F1B587-D4A5-41C0-A4E8-A64BBD343F23}) (Version: 7.2.2.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0 (x64 cs)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
qBittorrent 4.3.8 (HKLM-x32\...\qBittorrent) (Version: 4.3.8 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.0.0.510 - Samsung Electronics)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-07-22 10:44 - 2015-07-22 10:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 10:44 - 2015-07-22 10:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1225251027-1679250536-123389074-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-20] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1225251027-1679250536-123389074-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{71220BA9-5CC2-477B-A644-B98F59FB315F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{828F2ACE-C049-4B84-A165-125A19874EAB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CBCDDD-4323-4A0A-BA82-437792A56294}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{E0A67C7B-55BA-45D0-AD5B-B9E2EAAC2095}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{88206752-3036-46DA-AC9B-9008E0DEA586}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8F976BDF-D727-4309-8320-CA71A8372E72}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => No File
FirewallRules: [UDP Query User{D1CE2732-96BB-4E96-908A-143DFCD0D0F0}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => No File
FirewallRules: [TCP Query User{A89D9A71-F9C7-45DC-B3E3-2A4A2E5E5931}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{EE0E1F75-6EE6-4F1B-B1B9-5088C67734BE}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{012E18A8-26FC-4A53-9160-94F92F2161E0}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{FAA90F6B-19E0-4F8E-89AE-6B900DEA16B7}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )

==================== Restore Points =========================

21-03-2022 19:11:58 Naplánovaný kontrolní bod
31-03-2022 20:11:15 Naplánovaný kontrolní bod
08-04-2022 17:58:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2022 08:37:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Qml.dll, verze: 5.5.0.0, časové razítko: 0x558c716c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000146e1e
ID chybujícího procesu: 0x1ee4
Čas spuštění chybující aplikace: 0x01d849ce391a39e8
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
ID zprávy: 73aa6fab-fb44-4037-941c-ae1380e11495
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/04/2022 06:48:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x26d0
Čas spuštění chybující aplikace: 0x01d84829a4059181
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: f153faca-d8bc-4d07-ac7a-14095a584158
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/01/2022 07:32:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x2020
Čas spuštění chybující aplikace: 0x01d845ce1a7e6867
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: 545fa2c1-a51b-4dab-92c8-49394ea47d14
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/30/2022 05:07:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x234c
Čas spuštění chybující aplikace: 0x01d8443e4c526e3d
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: 1772c651-450f-40bb-bf92-4167d6c5340d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/29/2022 04:32:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca4ae
ID chybujícího procesu: 0xa38
Čas spuštění chybující aplikace: 0x01d8436fb5e6ed07
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: f8ea8ece-edfa-455b-86f3-698e55f492e1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/28/2022 04:30:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x204c
Čas spuštění chybující aplikace: 0x01d842a8be4e5f12
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: 7b3a3270-b32e-4221-9164-1e776f3b894e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2022 09:47:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Qml.dll, verze: 5.5.0.0, časové razítko: 0x558c716c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000144b30
ID chybujícího procesu: 0x227c
Čas spuštění chybující aplikace: 0x01d840db29d46e95
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
ID zprávy: 41153584-a4c3-44fa-a765-061edf169e91
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/24/2022 08:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1641, časové razítko: 0x57732628
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca4ae
ID chybujícího procesu: 0x2390
Čas spuštění chybující aplikace: 0x01d83f4978992da9
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: de09d6bf-002c-4468-a9bf-abbd50878e92
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (03/31/2022 06:50:36 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (03/12/2022 01:21:34 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (04:cb:88:82:21:0f) se nezdařilo.

Error: (03/06/2022 09:44:44 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/02/2022 06:20:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/27/2022 08:20:13 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/14/2022 06:22:15 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/11/2022 04:37:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/09/2022 06:19:28 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Windows Defender:
================
Date: 2022-04-06 17:48:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CA81A8CA-638F-47D5-88F1-7C9CD4A6EB5D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-05 17:22:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9177BE32-3B23-4311-95E3-8EB02D973127}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-04 16:41:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7C2E8860-C887-4153-B0F4-46BB6B0AB3E2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-03 22:37:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {332A7334-3E09-4EB5-B27F-0A518BF965CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-04-02 17:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {45E4AAF7-37F4-47FB-ADE1-80FE862AA228}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: LENOVO B0CNA0WW 09/30/2016
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 54%
Total physical RAM: 8106.45 MB
Available physical RAM: 3658.95 MB
Total Virtual: 9386.45 MB
Available Virtual: 4349.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:145.85 GB) (Free:103.09 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:319.28 GB) (Free:43.59 GB) NTFS

\\?\Volume{c14699ce-a33f-4496-8ae7-dfb43db6dba3}\ () (Fixed) (Total:0.52 GB) (Free:0.03 GB) NTFS
\\?\Volume{a263f56b-3d94-4b17-be3c-03c49216c768}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 10 dub 2022 18:43

Zdravím!
Smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat a restartujte PC.

Haltaa · #3 Příspěvek od **Haltaa** » 11 dub 2022 15:29

Pomohlo to. Jste skvělý, mnohokrát vám děkuji.

#4 Příspěvek od **Rudy** » 11 dub 2022 15:53

Rádo se stalo!

VIRY.CZ

reklama po startu systému

reklama po startu systému

Re: reklama po startu systému

Re: reklama po startu systému

Re: reklama po startu systému