
Please check my log

Posted: 30 Oct 2021 18:19
by Bubenos
Hi, please check my log.

Something on my PC is putting a load on my CPU. I am attaching a screenshot.

I am adding the logs.
asdasd.jpg (38.31 KiB) Viewed 990 times

Re: Please check my log

Posted: 30 Oct 2021 18:20
by Bubenos
Desktop.rar
(16.67 KiB) Downloaded 66 times

Re: Please check my log

Posted: 30 Oct 2021 19:04
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Please check my log

Posted: 31 Oct 2021 10:39
by Bubenos
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-31-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1462 octets] - [14/08/2021 20:23:48]
AdwCleaner[C00].txt - [1612 octets] - [14/08/2021 20:24:47]
AdwCleaner[S01].txt - [1528 octets] - [14/08/2021 20:26:19]
AdwCleaner[S02].txt - [1589 octets] - [16/09/2021 17:16:30]
AdwCleaner[C02].txt - [1779 octets] - [16/09/2021 17:17:05]
AdwCleaner[S03].txt - [1711 octets] - [16/09/2021 17:18:14]
AdwCleaner[S04].txt - [1772 octets] - [30/10/2021 19:10:16]
AdwCleaner[S05].txt - [1833 octets] - [30/10/2021 19:17:52]
AdwCleaner[S06].txt - [1894 octets] - [31/10/2021 10:37:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

Re: Please check my log

Posted: 31 Oct 2021 11:18
by Rudy
This is OK. Post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 (RSIT is not fully compatible with Windows 10) and we will do a final cleanup of the unnecessary leftovers.

Re: Please check my log

Posted: 31 Oct 2021 11:44
by Bubenos
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by dbube (31-10-2021 11:42:30)
Running from C:\Users\dbube\Desktop
Microsoft Windows 10 Home Version 2004 19041.1288 (X64) (2020-09-06 11:45:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1558997955-55845073-2629518697-500 - Administrator - Disabled)
dbube (S-1-5-21-1558997955-55845073-2629518697-1001 - Administrator - Enabled) => C:\Users\dbube
DefaultAccount (S-1-5-21-1558997955-55845073-2629518697-503 - Limited - Disabled)
Guest (S-1-5-21-1558997955-55845073-2629518697-501 - Limited - Disabled)
Vlasťule (S-1-5-21-1558997955-55845073-2629518697-1002 - Administrator - Enabled) => C:\Users\Vlasťule
WDAGUtilityAccount (S-1-5-21-1558997955-55845073-2629518697-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Auto Keys 1.0 (HKLM-x32\...\Auto Keys) (Version: - )
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FiveM (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Gas Station Simulator (HKLM-x32\...\Gas Station Simulator_is1) (Version: - )
Gif Your Game 5.2.4 (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.2.4 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.2.5.2 (HKLM\...\{207F3229-8AA5-4544-BDB7-7995538A5ED5}) (Version: 6.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.1 (x64) (HKLM-x32\...\{ca778be6-9737-4a9d-a3e2-8d90ea0d5fec}) (Version: 5.0.1.29530 - Microsoft Corporation)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.2.2.51 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.3.2.30 - Native Instruments)
Nightbot 0.1.3 (HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\b66ff3d2-8923-5696-ac2e-977beadfec4e) (Version: 0.1.3 - NightDev, LLC)
Novicorp WinToFlash Lite verze 1.13.0000 (HKLM-x32\...\{A1A1FF24-34C6-4B77-BDB7-A689979F018C}_is1) (Version: 1.13.0000 - Novicorp)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.47.484 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.0 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
WG-GX38 (HKLM-x32\...\{232A7387-56A4-4142-9B7B-090B3488E3A8}) (Version: 1.00.0000 - WG-GX38)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.10.20.0_x86__kgqvnymyfvs32 [2021-10-13] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.67.3.0_x86__kgqvnymyfvs32 [2021-10-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2140.1.0_x86__kgqvnymyfvs32 [2021-10-28] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-30] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-07-01] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => D:\Programy\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Розыгрыш ключей Steam.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,OpenURL "hxxps//terra.im/gl/?cid=19349&oid=mZWZvCwR&v=3&utm_campaign=repacks2&utm_medium=cpi"&trash= <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-05-21 15:16 - 2021-09-26 14:30 - 000001856 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1558997955-55845073-2629518697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dbube\Desktop\Chicago-Night-Ultra-HD-4K-Wallpaper.jpg
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\Control Panel\Desktop\\Wallpaper -> D:\ZÁLOHA!\Záloha externího disku Verbatin Fotky a videa od Denise a od Vlastuli 09.02.2021\Vlasťule VŠE KOMPLET!!!! 30.5 2021\Terinka 2-3roky\inCollage_20210515_104310171.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6F1027CE-8DA9-42B0-9DBF-708982713D48}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{5CBDE432-6C17-4828-B06D-A6E3E18500EA}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{62B9B81B-4850-47E7-9B27-E8C5EC217FFD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{41A9AB65-40EF-4A39-8E11-C07E3389FA08}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{906657C5-1A37-4A55-8923-60C4DDDF73D6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D6715E2-D232-4745-93A6-3B97D4DE8341}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F0EF74A3-704E-490F-B237-B5CA35C8467A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{656A6944-FA05-4E81-8E9B-3B7F867A1688}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{1FF47BF8-CA24-4450-BB9E-3BEDD10FFFDA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B5B82461-1D3E-44ED-91E2-EA78BB305CAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{C84FAEBA-99FE-4154-81C9-0DF8578167A2}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{9B3ECFAE-B315-4C2A-B105-74F58F912EC1}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{A58E956B-F463-4685-A3C0-752812D3B99E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7413426-3073-4EA1-9B95-7F493B776FAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA22F86F-F0AF-4CC9-9F4B-FF99018B0984}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{362F35D2-870E-41C9-B4B4-F58E51FDB4F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{9C6B20A8-8F7A-4212-8E69-00DA9781089B}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{15637F6B-4B83-40C3-960C-E0C198322A71}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C6C1601-D79E-4C74-86F3-00DC335F1EEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{149C46C4-381D-453B-9296-52D5A5E0BC80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C5956D0D-F8FF-4E57-9BE2-35E47142004E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{D7754C03-BF99-41E7-BEDF-971E72E4312A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{9DE93AE4-91A4-49FE-AEA5-E894078E6EB5}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6686FBC0-2D5F-43A1-9778-FD9CBFFAC320}C:\users\dbube\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dbube\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{EC0A99D1-7C09-45F5-AC3C-4FEED5547E95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C78E9613-00CC-421A-9AE4-9AC8E4856F95}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{74137B26-D78B-4065-8DD8-C68EF612F6B4}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{BD5E418F-2D04-4012-904C-A86CCB4B12D9}] => (Allow) D:\Hry\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [TCP Query User{C70081E0-C108-4AF2-95F8-0A64DCDC2EED}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0049EB04-3AE9-45F8-9AB8-ABA733E3D784}D:\hry\gta v\grand theft auto v\gta5.exe] => (Allow) D:\hry\gta v\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D7B85F29-D3D2-4056-A8F4-91D594BE617A}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{AE621556-1D17-4015-8EFF-8A75D2A40912}D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\hry\cod warzone\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [{33448BA5-E5F1-44C8-A9AF-28FF941B8CFD}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{294D19F6-7CBB-4F00-9211-4D158208A4EE}] => (Allow) D:\Hry\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{15D9113B-F7ED-4DEA-B76A-F047F9F2A075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D713B075-3D9C-4356-84E8-AAC199FD3EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E520BA6-D7B6-4ECF-B239-976EAA25B7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAC393C9-C468-4745-B08E-6FBDFABBF95B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{895D0120-4CC3-494B-8D42-E848652B896D}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B7780F92-ED5D-4688-8C98-EAE145733B7B}] => (Allow) D:\Hry\steamapps\common\Deceit\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{C000F113-0FDA-4F10-86AF-6668EFB5C30C}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A26776F-6101-4965-86FB-0668F3CB986A}] => (Allow) D:\Hry\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6369D46E-A39C-4B5E-828D-0202B229D112}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{3B6FBA05-21D1-4583-B01B-3717953E9B07}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{3797C0A8-6C66-4AF9-9024-4217F7990F2D}] => (Block) D:\Hry\Red Dead Redemption 2\Launcher.exe () [File not signed]
FirewallRules: [TCP Query User{B6602F36-B824-492C-915B-0CB52CC3392A}D:\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{EA1FFC6C-F116-49D3-B97B-E068DE0FFF15}D:\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{459D91BB-50E5-4626-8997-52D1637C8647}D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{3442F657-5EF7-4E32-AC8F-2BFDB735B79B}D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [{5D510572-0235-44EE-8E34-10362E086386}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04462073-C3CF-41B4-9EAC-1914E2BABEC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18DF21D0-2055-4900-94F0-0115207A1C69}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A9451A82-40DE-47D5-B86D-0CD73A50B526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC9642C4-0B13-4DC2-98E6-8949AA47B041}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FED1ED96-EDAE-4938-ACF0-096B3113DD32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{8C40DB4F-B434-41D9-9DD6-B8E903F6E9E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.08 GB) (Free:24.44 GB) (22%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/31/2021 11:10:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RocketLeague.exe, verze: 1.0.10897.0, časové razítko: 0x616f76e8
Název chybujícího modulu: EOSSDK-Win64-Shipping.dll, verze: 1.13.0.0, časové razítko: 0x614289bc
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000406ccf
ID chybujícího procesu: 0x1a84
Čas spuštění chybující aplikace: 0x01d7ce3e3c70371a
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
ID zprávy: 20b687d0-32a9-45e5-a08f-0c8c2d8fa47a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:47:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Název chybujícího modulu: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007b545
ID chybujícího procesu: 0x4080
Čas spuštění chybující aplikace: 0x01d7ccfd566ab375
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
ID zprávy: 5f4e090d-07d3-4ba7-8aac-0a973e36a90f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:47:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameEncoder-4.1.6.7.exe, verze: 0.0.0.0, časové razítko: 0x606f39e3
Název chybujícího modulu: GygFrameEncoder-4.1.6.7.exe, verze: 0.0.0.0, časové razítko: 0x606f39e3
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007ba25
ID chybujícího procesu: 0x34fc
Čas spuštění chybující aplikace: 0x01d7ccfd56e7d281
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameEncoder-4.1.6.7.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameEncoder-4.1.6.7.exe
ID zprávy: cc1dc522-f220-464e-8175-9cd5bb50a696
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:44:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Název chybujícího modulu: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007b545
ID chybujícího procesu: 0x2994
Čas spuštění chybující aplikace: 0x01d7ccfd51b43e9e
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
ID zprávy: 1a125de6-27dd-41db-85df-09ca3ff9c17b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:43:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Název chybujícího modulu: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007b545
ID chybujícího procesu: 0x5c48
Čas spuštění chybující aplikace: 0x01d7ccfd4d8f5eea
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
ID zprávy: 8b7d423a-e6b2-42f0-9067-cf0522823480
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:43:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameEncoder-4.1.6.7.exe, verze: 0.0.0.0, časové razítko: 0x606f39e3
Název chybujícího modulu: GygFrameEncoder-4.1.6.7.exe, verze: 0.0.0.0, časové razítko: 0x606f39e3
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000005d8bc
ID chybujícího procesu: 0x3f10
Čas spuštění chybující aplikace: 0x01d7ccfd4e0ebda1
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameEncoder-4.1.6.7.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameEncoder-4.1.6.7.exe
ID zprávy: 01174448-abf6-441a-936e-51a5c1c9ad3d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:43:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Název chybujícího modulu: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007b545
ID chybujícího procesu: 0x6008
Čas spuštění chybující aplikace: 0x01d7ccfd48e41d00
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
ID zprávy: 0a2f7bdb-1246-4217-8874-d117b9223a39
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/29/2021 08:43:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Název chybujícího modulu: GygFrameGrabber-4.1.6.8.exe, verze: 0.0.0.0, časové razítko: 0x606f567a
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007b545
ID chybujícího procesu: 0x5130
Čas spuštění chybující aplikace: 0x01d7ccfd44b0073f
Cesta k chybující aplikaci: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
Cesta k chybujícímu modulu: C:\Users\dbube\AppData\Local\Programs\badpanda-react\resources\bin\win\GygGameClient\exes\GygFrameGrabber-4.1.6.8.exe
ID zprávy: 899298f2-12a2-4868-a662-5a5145f36737
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/31/2021 10:38:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (10/31/2021 10:38:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2021 06:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-48MB1C3)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-10-29 22:07:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A38B80ED-34E9-4BD5-8119-60FCD616D486}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 15:22:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A2EE096-58C0-48FC-8DE6-A655486E09ED}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-27 15:32:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4614B239-EBA9-4319-BAED-281E46635984}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-26 16:07:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7964F402-222E-478F-8103-D4725006D45B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-25 15:15:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F35F2D47-7A25-4FF7-BEA8-52B2C6D6FC9F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2304 05/26/2015
Motherboard: ASUSTeK COMPUTER INC. H81M-D PLUS
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 32%
Total physical RAM: 16319.71 MB
Available physical RAM: 11048.84 MB
Total Virtual: 18751.71 MB
Available Virtual: 11819.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.08 GB) (Free:24.44 GB) NTFS
Drive d: (Disk D) (Fixed) (Total:1863.01 GB) (Free:1189.6 GB) NTFS

\\?\Volume{b2b6ce9f-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
\\?\Volume{b2b6ce9f-0000-0000-0000-c0d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4A7FA3EF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2B6CE9F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: Please check my log

Posted: 31 Oct 2021 12:01
by Rudy
Where can I find the FRST log? I only see Addition here.

Re: Please check my log

Posted: 31 Oct 2021 12:27
by Bubenos
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Ran by dbube (administrator) on DESKTOP-48MB1C3 (ATComputers TRILINE PROFI OFFICE) (31-10-2021 11:41:13)
Running from C:\Users\dbube\Desktop
Loaded Profiles: dbube
: Microsoft Windows 10 Home Version 2004 19041.1288 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] D:\Hry\Rocket League smurf BubenD\rocketleague\BakkesMod\BakkesMod.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Microsoft Corporation) [File not signed] C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.10421.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Discord] => C:\Users\dbube\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\...\Run: [Gif Your Game] => C:\Users\dbube\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-09-23] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-1558997955-55845073-2629518697-1002\...\Run: [Discord] => C:\Users\Vlasťule\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0307D6D5-D21C-41EA-96C8-B255658C50BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07986CF8-43D5-4912-9B05-CA6263A7B4AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {10D03C8F-FC2E-44CE-AD30-BB4914AA11A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BB60CE9-224F-409B-BA95-77A03E0A6A0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B71D620-5732-49CB-A019-94DF02E23DCE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {530A8754-735E-4C7E-AC47-2F93BE9BAC24} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe [7885824 2021-10-30] (Microsoft Corporation) [File not signed]
Task: {55A33193-7971-439E-9762-CB9B4A91CC18} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60772A8F-335C-4C62-931D-DACF10279E0F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A8DDA0E-A49A-45AE-BE94-2D2C40982D8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {905F9ACA-862D-4BDA-B9F4-E2C2FB9E6247} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E92E098-E8B6-47ED-A810-2F99CEB01A2E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9EF3C00A-16FB-4CB3-A20B-6E7A87CA783A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2C6754C-8DE5-4EA1-BFAF-148116685EBD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1D63A79-8D77-4E53-A1FC-DAF70970A704} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C748CBC0-8DD3-404A-8BC1-DF8DF3FA76C3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2019-04-03] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CCA7B5D0-DF24-4CBC-B1C0-2BF65EE1D4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {E9E0E335-410D-4069-9FF0-1F60F33AAAC5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FE785713-8FA4-4374-8FE3-8B7ECD09C11B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{b7f826c6-ea01-4714-a535-4e19bd4e854c}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{c6197426-c54d-4121-a8e4-ec03077a2b2b}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\dbube\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-24]

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default [2021-10-31]
CHR DownloadDir: C:\Users\dbube\Desktop
CHR HomePage: Default -> hxxp//www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-21]
CHR Extension: (BetterTTV) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-10-16]
CHR Extension: (Dokumenty) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-21]
CHR Extension: (Disk Google) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (FrankerFaceZ) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-09-17]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-15]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-08-15]
CHR Extension: (Prezentace) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-14]
CHR Extension: (Tabulky) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\dbube\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-15]
CHR Profile: C:\Users\dbube\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2020-04-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2020144 2021-09-17] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DM150Drv; C:\WINDOWS\System32\drivers\DM150Drv.sys [24312 2010-07-30] (Pitney Bowes -> Pitney Bowes)
R3 MpKslbcd7c2a7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A2EA229-EFD4-4B66-BFE9-9CD17B1E3973}\MpKslDrv.sys [130296 2021-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 nvoclk64; C:\WINDOWS\System32\drivers\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-31 11:41 - 2021-10-31 11:41 - 000016852 _____ C:\Users\dbube\Desktop\FRST.txt
2021-10-31 11:40 - 2021-10-31 11:40 - 002310656 _____ (Farbar) C:\Users\dbube\Desktop\FRST64.exe
2021-10-30 18:18 - 2021-10-30 18:18 - 000001833 _____ C:\Users\dbube\Desktop\adwcleaner.txt
2021-10-30 18:10 - 2021-10-30 18:10 - 000000000 ____D C:\WINDOWS\LastGood
2021-10-30 18:08 - 2021-10-21 01:48 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-30 16:29 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-30 16:29 - 2021-10-21 18:49 - 001464952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-30 16:29 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-30 16:29 - 2021-10-21 18:49 - 001206384 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-30 16:29 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 001523336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 001172608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 000800368 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 000707728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-30 16:29 - 2021-10-21 18:45 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 000635000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-30 16:29 - 2021-10-21 18:45 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 008724080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 007843984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 004938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 002114688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 001597584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-10-30 16:29 - 2021-10-21 18:44 - 000452216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-30 16:29 - 2021-10-21 18:43 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-10-30 16:29 - 2021-10-21 18:43 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-30 16:29 - 2021-10-21 18:39 - 006430824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-30 16:29 - 2021-10-21 01:48 - 000085748 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-27 15:33 - 2021-10-27 16:13 - 731451392 _____ C:\Users\dbube\Desktop\Může to potkat i vás Romantická Komedia (1994) cz.avi
2021-10-27 15:03 - 2021-10-27 15:03 - 000000043 _____ C:\Users\dbube\Desktop\matesuv podnik.txt
2021-10-27 14:54 - 2021-10-27 14:54 - 000000700 _____ C:\Users\dbube\Desktop\3 statistiky a tabulky v pravidlech.txt
2021-10-27 14:20 - 2021-10-27 14:20 - 000001148 _____ C:\Users\dbube\Desktop\vyhry v pravidlech.txt
2021-10-25 15:50 - 2021-10-25 15:50 - 000000000 _____ C:\Users\dbube\Desktop\Allstars.txt
2021-10-23 16:30 - 2021-10-23 16:30 - 012501351 _____ C:\Users\dbube\Desktop\prilohy_23299.zip
2021-10-22 19:07 - 2021-10-22 19:17 - 000009756 _____ C:\Users\dbube\Desktop\fáze.odt
2021-10-18 18:00 - 2021-10-18 18:00 - 000496505 _____ C:\Users\dbube\Desktop\sken1.jpeg
2021-10-18 17:59 - 2021-10-18 17:59 - 000500771 _____ C:\Users\dbube\Desktop\sken2.jpeg
2021-10-17 10:18 - 2021-10-17 10:43 - 000205248 _____ C:\Users\dbube\Desktop\STM_CZ2606000000000207310081_20210930_2021000009.PDF.pdf
2021-10-17 10:18 - 2021-10-17 10:41 - 000128653 _____ C:\Users\dbube\Desktop\STM_CZ2606000000000207310081_20210831_2021000008.PDF.pdf
2021-10-17 10:18 - 2021-10-17 10:36 - 000684022 _____ C:\Users\dbube\Desktop\STM_CZ2606000000000207310081_20210730_2021000007.PDF.pdf
2021-10-17 10:18 - 2021-10-17 10:32 - 000148875 _____ C:\Users\dbube\Desktop\STM_CZ2606000000000207310081_20210630_2021000006.PDF.pdf
2021-10-13 16:41 - 2021-10-13 16:41 - 000074826 _____ C:\Users\dbube\Desktop\kkop.pdf
2021-10-13 14:42 - 2021-10-13 14:42 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-13 14:42 - 2021-10-13 14:42 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-13 14:42 - 2021-10-13 14:42 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 14:42 - 2021-10-13 14:42 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 14:42 - 2021-10-13 14:42 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-13 14:42 - 2021-10-13 14:42 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-13 14:42 - 2021-10-13 14:42 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-13 14:42 - 2021-10-13 14:42 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-13 14:42 - 2021-10-13 14:42 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 14:42 - 2021-10-13 14:42 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 14:42 - 2021-10-13 14:42 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-13 14:42 - 2021-10-13 14:42 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-13 14:42 - 2021-10-13 14:42 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-13 14:36 - 2021-10-13 14:36 - 000000000 ___HD C:\$WinREAgent
2021-10-12 15:46 - 2021-10-12 15:46 - 000441135 _____ C:\Users\dbube\Desktop\Dohoda sken.jpeg
2021-10-12 15:45 - 2021-10-12 15:45 - 000432447 _____ C:\Users\dbube\Desktop\Pro soud sken.jpeg
2021-10-12 15:19 - 2021-10-12 15:19 - 000015914 _____ C:\Users\dbube\Desktop\pro Soud.odt
2021-10-12 14:43 - 2021-10-17 11:13 - 000015961 _____ C:\Users\dbube\Desktop\Dohoda.odt
2021-10-02 20:58 - 2021-10-02 20:58 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-02 20:58 - 2021-10-02 20:58 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-02 19:54 - 2021-10-16 19:31 - 000000000 ____D C:\Users\dbube\AppData\Local\PokerStars.CZ
2021-10-02 19:54 - 2021-10-02 19:54 - 000000824 _____ C:\Users\dbube\Desktop\PokerStars.cz.lnk
2021-10-02 19:54 - 2021-10-02 19:54 - 000000000 ____D C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.cz

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-31 11:41 - 2021-08-13 20:34 - 000000000 ____D C:\FRST
2021-10-31 11:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-31 11:38 - 2019-05-21 14:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-31 11:30 - 2019-05-21 14:54 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-31 11:10 - 2019-05-21 17:27 - 000000000 ____D C:\Users\dbube\AppData\Local\CrashDumps
2021-10-31 11:01 - 2019-05-21 14:43 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-31 10:59 - 2020-09-06 12:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-31 10:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 10:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-31 10:38 - 2021-01-18 11:28 - 000000000 ____D C:\Users\dbube\AppData\Roaming\badpanda-react
2021-10-31 10:38 - 2020-04-22 17:20 - 000000000 ____D C:\Users\dbube\AppData\Roaming\discord
2021-10-31 10:36 - 2020-07-15 10:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-31 10:35 - 2020-04-22 17:20 - 000000000 ____D C:\Users\dbube\AppData\Local\Discord
2021-10-30 18:18 - 2019-12-26 11:30 - 000000000 ____D C:\Program Files\trend micro
2021-10-30 18:13 - 2020-09-06 12:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-30 18:13 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-30 18:13 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-30 18:13 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-30 18:11 - 2019-05-21 15:24 - 000000000 ____D C:\Users\dbube\AppData\Local\NVIDIA
2021-10-30 16:42 - 2020-09-06 12:45 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A8E94C42-9C4F-4DEE-9B06-7CDE732D054B}
2021-10-30 14:22 - 2020-09-06 12:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-30 14:22 - 2020-09-06 12:38 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-30 14:21 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-30 14:19 - 2019-12-14 22:12 - 000000000 ____D C:\Users\dbube\AppData\Roaming\qBittorrent
2021-10-30 14:13 - 2020-04-12 05:00 - 000000000 ____D C:\Users\dbube\AppData\Local\ElevatedDiagnostics
2021-10-29 21:07 - 2019-05-21 17:41 - 000000000 ____D C:\Users\dbube\AppData\Local\D3DSCache
2021-10-29 21:07 - 2019-05-21 14:50 - 000000000 ____D C:\Users\dbube\AppData\Local\Packages
2021-10-27 14:07 - 2019-05-21 14:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-22 14:51 - 2020-09-06 12:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1558997955-55845073-2629518697-1001
2021-10-22 14:51 - 2020-09-06 12:39 - 000002377 _____ C:\Users\dbube\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-21 18:45 - 2021-08-11 14:34 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-21 18:44 - 2021-08-11 14:34 - 002850416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-21 18:39 - 2021-07-28 18:44 - 007578560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-10-21 01:48 - 2021-07-28 18:45 - 000125568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-10-18 18:00 - 2019-09-07 15:57 - 000000000 ___RD C:\Users\dbube\Documents\Scanned Documents
2021-10-16 17:20 - 2019-06-24 15:21 - 000000000 ____D C:\Users\dbube\AppData\Roaming\TS3Client
2021-10-16 17:06 - 2020-04-20 20:43 - 000000000 ____D C:\Users\dbube\AppData\Local\DigitalEntitlements
2021-10-15 14:22 - 2019-05-22 11:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-15 14:20 - 2019-05-22 11:01 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-15 13:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-13 17:37 - 2020-09-06 12:38 - 000774784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-12 15:23 - 2021-09-18 16:21 - 000000000 ____D C:\Users\dbube\Desktop\klik
2021-10-10 12:53 - 2020-09-06 12:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 12:53 - 2020-09-06 12:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-08 15:55 - 2021-01-22 15:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-07 19:09 - 2019-05-21 14:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2020-06-09 14:08 - 2020-06-09 14:08 - 000004973 _____ () C:\Users\dbube\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Please check my log

Posted: 31 Oct 2021 15:26
by Rudy
OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {CCA7B5D0-DF24-4CBC-B1C0-2BF65EE1D4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE785713-8FA4-4374-8FE3-8B7ECD09C11B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Please check my log

Posted: 31 Oct 2021 15:47
by Bubenos
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by dbube (31-10-2021 15:45:02) Run:2
Running from C:\Users\dbube\Desktop
Loaded Profiles: dbube
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {CCA7B5D0-DF24-4CBC-B1C0-2BF65EE1D4B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
Task: {FE785713-8FA4-4374-8FE3-8B7ECD09C11B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-21] (Google Inc -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Dohoda sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\Pro soud sken.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\dbube\Desktop\sken2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\dbube\Documents\RL - Terezka.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\dpč 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Vlasťule\Desktop\DPČ.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1558997955-55845073-2629518697-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
FirewallRules: [TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File
FirewallRules: [UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CCA7B5D0-DF24-4CBC-B1C0-2BF65EE1D4B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCA7B5D0-DF24-4CBC-B1C0-2BF65EE1D4B1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE785713-8FA4-4374-8FE3-8B7ECD09C11B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE785713-8FA4-4374-8FE3-8B7ECD09C11B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Users\dbube\Desktop\Dohoda sken.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\dbube\Desktop\Dohoda sken.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
"C:\Users\dbube\Desktop\Pro soud sken.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\dbube\Desktop\Pro soud sken.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
"C:\Users\dbube\Desktop\sken1.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\dbube\Desktop\sken1.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
"C:\Users\dbube\Desktop\sken2.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\dbube\Desktop\sken2.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
C:\Users\dbube\Documents\RL - Terezka.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
"C:\Users\Vlasťule\Desktop\dpč 2.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\Vlasťule\Desktop\dpč 2.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
"C:\Users\Vlasťule\Desktop\DPČ.jpeg" => ":3or4kl4x13tuuug3Byamue2s4b" ADS not found.
"C:\Users\Vlasťule\Desktop\DPČ.jpeg" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-1558997955-55845073-2629518697-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1558997955-55845073-2629518697-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0EF78E67-E32C-4B48-AE97-B4C6A8041B7B}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C06FE38F-A0D8-4D84-903D-BBDBC52D8446}D:\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 192335527 B
Java, Flash, Steam htmlcache => 325244188 B
Windows/system/drivers => 8307591 B
Edge => 0 B
Chrome => 454565623 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 85158 B
dbube => 10010556 B

RecycleBin => 74778818 B
EmptyTemp: => 1016 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:45:30 ====

Re: Please check my log

Posted: 31 Oct 2021 16:00
by Bubenos
It looks like the problem is gone. May I ask where the problem was?

Otherwise, thank you very much. :x

Re: Please check my log

Posted: 31 Oct 2021 17:14
by Rudy
The log didn't tell me. ADW was fine and FRST only deleted unnecessary items. Maybe the problem was just in some update.