Windows Defender service has stopped

Re: Windows Defender service has stopped

#16 Post by Rudy »

Delete it (move it to quarantine), restart, and then post new FRST+Addition logs.


Re: Windows Defender service has stopped

#17 Post by Reysanger »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2023
Ran by Jirka (18-09-2023 09:55:05)
Running from C:\Users\Jirka\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) (2020-08-21 09:31:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2147776618-328994716-1476381886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2147776618-328994716-1476381886-503 - Limited - Disabled)
Guest (S-1-5-21-2147776618-328994716-1476381886-501 - Limited - Disabled)
Jirka (S-1-5-21-2147776618-328994716-1476381886-1002 - Administrator - Enabled) => C:\Users\Jirka
WDAGUtilityAccount (S-1-5-21-2147776618-328994716-1476381886-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.0 - SlySoft)
AstronTycoon2 Ritual (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\AstronTycoon2 Ritual) (Version: - HOODLUM)
Avidemux VC++ 64bits (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\{563f0c36-f4f1-4965-86fc-3ee560252453}) (Version: 2.7.5 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\{897780bf-1117-4ce6-b6b5-6855cf4f6bc8}) (Version: 2.7.8 - Mean)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Betaflight Configurator (HKLM\...\e72c90bb-45eb-48dc-9cf3-ac2e8ec52f8c_is1) (Version: 10.8.0 - The Betaflight open source project)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
DVDFab 12 (x64) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.1.0.1 - DVDFab Software Inc.)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{40941c42-b00c-4b98-900e-941e412fb676}) (Version: 1.0.1.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse)
Groma v. 8.0 - demonstrační verze (HKLM-x32\...\Groma8-demo_is1) (Version: - Geoline, spol. s r.o.)
Hi-Rez Studios Games (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\{1E5EDF73-13EC-4211-820D-1900B8BD7951}) (Version: 21.1.29.0 - Intel) Hidden
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.7.448769 - Logitech)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.6.2.281 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.2.281 - Malwarebytes)
MediaInfo 22.09 (HKLM\...\MediaInfo) (Version: 22.09 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.81 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
MKVToolNix 72.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 72.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 117.0.1 (x64 cs)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0416.01 - MSI)
MSVCRT Redists (HKLM\...\{C0400FDE-0517-11E7-8E05-C2A106E0D44C}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NFOPad 1.73 (HKLM-x32\...\NFOPad) (Version: 1.73 - True Human Design)
Northgard CZ (GOG) (HKLM-x32\...\Northgard CZ (GOG)) (Version: 2.6.4.23618 - Blaster550)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.30.112 (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.30.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 537.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.34 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenTX Companion 2.3 (HKLM-x32\...\OpenTX Companion 2.3) (Version: 2.3.15 - OpenTX)
Origin (HKLM-x32\...\Origin) (Version: 10.5.106.49298 - Electronic Arts, Inc.)
Pioneer BD Drive Utility BDR-211 (HKLM-x32\...\{2FBEA021-32AE-4848-BAF2-95D3047DC977}) (Version: 1.2.0.3 - Pioneer Corporation)
PlayerFab (x64) (HKLM-x32\...\PlayerFab (x64)) (Version: 7.0.4.3 - DVDFab Software Inc.)
ProtonVPN (HKLM-x32\...\{FFAFEA09-E7DA-4710-A278-7F0506C96829}) (Version: 1.18.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.18.5) (Version: 1.18.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Skype verze 8.103 (HKLM-x32\...\Skype_is1) (Version: 8.103 - Skype Technologies S.A.)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tanki Online 1.255.255 (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\c50ff345-e72a-5ce9-90f5-05db394fb064) (Version: 1.255.255 - APL Publishing Ltd.)
Trezor Suite 23.8.1 (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.8.1 - SatoshiLabs)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VNC Viewer 6.20.529 (HKLM\...\{DCF5BBEA-3BDB-4E03-BF06-03836F320CA6}) (Version: 6.20.529.42646 - RealVNC Ltd)
Wargaming.net Game Center (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Wargaming.net Game Center) (Version: 21.0.0.3580 - Wargaming.net)
Wargaming.net Game Center for Steam (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Wargaming.net Game Center for Steam) (Version: 22.2.1.9342 - Wargaming.net)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WonderFox DVD Video Converter 27.7 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 27.7 - WonderFox Soft, Inc.)
World of Tanks NA (HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-13] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.18.872.0_x64__rz1tebttyb220 [2023-08-22] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-09] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
f.lux -> C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt [2021-06-24] (F.lux Software LLC) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-14] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-12-09] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.918.726.409_neutral__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2147776618-328994716-1476381886-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2147776618-328994716-1476381886-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-18] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bdb2eb4088db0b4b\nvshext.dll [2023-09-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-18] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-03 19:28 - 2023-06-10 13:15 - 001331200 _____ () [File not signed] C:\Program Files\DVDFab\PlayerFab\utilities.dll
2023-02-03 19:28 - 2023-01-11 04:22 - 000068096 _____ () [File not signed] C:\Program Files\DVDFab\PlayerFab\VMProtectSDK64.dll
2016-08-24 16:54 - 2016-08-24 16:54 - 000352256 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2021-10-06 19:18 - 2021-10-06 19:18 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-10-06 19:18 - 2021-10-06 19:18 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-10-06 19:18 - 2021-10-06 19:18 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-10-21 09:51 - 2021-10-06 19:18 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2023-02-03 19:28 - 2023-01-11 04:22 - 006158456 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\DVDFab\PlayerFab\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Jirka\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\localhost -> localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 8.8.8.8 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{35363163-55EA-4183-9DCC-28D30CB58BA2}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{C2C732D6-B43B-4012-B749-75035153E698}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{2333E3D5-B8F2-4F35-96C9-B6D66DD705E5}] => (Allow) D:\Steamp\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6F98E648-5FE1-4E43-925F-3F4578E0DCC5}] => (Allow) D:\Steamp\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8995CDAD-150B-4F64-AE1B-2349AFD3032E}] => (Allow) D:\Steamp\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BF9A1DE-E979-4250-9331-54E153CA560E}] => (Allow) D:\Steamp\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{AFE00191-6CB3-486B-8ECC-2515F6A772AD}D:\steamp\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steamp\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{3A8485DA-69D4-41B1-B81B-ADB31F695857}D:\steamp\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steamp\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{ABF1731A-F68C-420F-BE12-69350164D2A7}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{558F43F7-579A-4D27-ADF1-DC79E6F2DB5E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B33AB347-DE37-4B49-8C3A-6EC0DAED453A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E8C14851-1BC1-4494-A703-3502716CE59B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7A1C8A6F-7E29-4757-A3A4-1FEDFFDAC713}D:\steamp\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steamp\steamapps\common\for honor\forhonor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{5639ABA1-47CB-4510-AD12-A5A5EB4DC788}D:\steamp\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steamp\steamapps\common\for honor\forhonor.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{12866477-161B-42F8-AE53-1D359DD4E9D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5EC70B-09D9-4670-8674-E785EDD61499}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2A8BE622-E5E1-44AF-96EA-A9B9D3CD946B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E2C0E993-2CA4-4E60-ABC3-3DD9497BC4DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C56F3641-86F0-4E77-B746-2328AC31E146}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{B121B4E2-D336-4ADA-9FD6-25FF878739EB}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{BD9B5272-AA7B-481E-9641-8B91BBA8675E}C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Block) C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [{B188C9AD-8546-4326-8DBC-C53E81B505A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DE2CF34E-C2F8-436B-8F88-04644B19BAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8D8FE183-C8E1-494A-AAFA-CFF89A2082ED}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{3F33CEE0-DD2B-44D8-A899-B3A821D1C314}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{3E3E813E-010F-405F-B741-0F89769C9DC1}C:\users\jirka\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jirka\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{904C5486-2473-4497-9029-B42662DFE8B5}C:\users\jirka\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\jirka\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{17822CDB-CEE1-49BE-939D-B9FFB46E6548}] => (Allow) D:\Steamp\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{1DAC7648-5EB9-4F4E-9FBD-04573F808315}] => (Allow) D:\Steamp\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [TCP Query User{256C0A4A-660A-40D1-9EE1-7B37F0A3331A}D:\steamp\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steamp\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [UDP Query User{57F4D855-C43F-4ED6-85F3-446E98D45429}D:\steamp\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steamp\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [TCP Query User{6CCA0621-D97F-4869-BE1F-E3CE3F84FF51}C:\programdata\wargaming.net\gamecenter for steam\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter for steam\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C2B4389B-A34D-4A9A-92B3-E6842E9D61FE}C:\programdata\wargaming.net\gamecenter for steam\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter for steam\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{619ABB6E-9C34-4B42-BEC5-995D67E8A64E}D:\program files\vlcvideolan\vlc\vlc.exe] => (Block) D:\program files\vlcvideolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{13497CF9-21BA-4029-BB41-0C2DEC3495AE}D:\program files\vlcvideolan\vlc\vlc.exe] => (Block) D:\program files\vlcvideolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8A3E9F06-D883-4071-9BDA-AB77EEE841D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{FEF8753F-0A6B-4430-89A9-B28D7E61D884}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A0FEAC8C-3C8A-463E-BB39-0754172B5E7C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{40FD841F-86E5-4117-9DCE-E5538A73C1B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{22E08A23-E30B-429D-A32A-F390A90219DA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{C6C3C57E-3CAB-4285-AF1D-31BF07882D05}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{4F48087D-5170-4DC6-9835-66C42990AF9D}] => (Allow) D:\Steamp\steamapps\common\Orqa FPV.SkyDive\FPV.SkyDive.exe () [File not signed]
FirewallRules: [{3F6B0A63-315A-4538-BA3F-D09B43F5E5F1}] => (Allow) D:\Steamp\steamapps\common\Orqa FPV.SkyDive\FPV.SkyDive.exe () [File not signed]
FirewallRules: [{F5EF4C5D-A7F0-4756-84D2-11579DD683D3}] => (Allow) D:\Steamp\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve Corp. -> )
FirewallRules: [{EA6E31E8-BF12-4B5C-96A5-417AF52B5433}] => (Allow) D:\Steamp\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{A05A57B1-3A1B-4E8D-966C-BC0C3E74C570}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2B880CF6-59CB-4D7C-9F56-C83EC92D9E6D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A5236DBD-C007-4229-9E5C-F95C063220CA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{ABE7535E-E44C-42AF-9D43-38D0534FD6E4}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{9518EF88-2DED-477A-83D2-69330C8F7031}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{0C70E994-6D6B-4F49-9BED-8A4DC00F2DF5}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [TCP Query User{30EE7AFB-9F56-44C1-9950-407518660846}C:\users\jirka\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\jirka\appdata\local\programs\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [UDP Query User{7CC3D469-CF7E-41D1-A141-2CCBA6BAD31C}C:\users\jirka\appdata\local\programs\trezor suite\trezor suite.exe] => (Allow) C:\users\jirka\appdata\local\programs\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [{B5D62EE3-332A-4798-8665-10A379BD7749}] => (Allow) D:\Steamp\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{66B8556B-974E-4AB8-90A9-2D5D9F116F70}] => (Allow) D:\Steamp\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [TCP Query User{37A9EB60-A0FB-4FA8-B30E-6A805B4C065C}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.)
FirewallRules: [UDP Query User{A3F0EB5D-2190-438F-BAAC-DCD99A775723}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.)
FirewallRules: [TCP Query User{3E776975-B69F-4E34-8C9A-C5C12BAD7971}C:\program files\dvdfab\playerfab\playerfab.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> )
FirewallRules: [UDP Query User{95ECB60E-50C2-4EAF-A6A2-B8E01F0D7F19}C:\program files\dvdfab\playerfab\playerfab.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> )
FirewallRules: [{5FD9092D-3929-4E55-81AC-3DF3F73E5DB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AB6C678D-AF69-4852-9779-58ABFF15AA0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{61E4EF91-F651-4883-AAB1-9E19D1027270}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{293DC941-430F-453C-B3F6-E883ECD4E7AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7FCC611D-80BD-4954-B124-101CAC88331A}C:\program files\dvdfab\playerfab\playerfab.exe] => (Allow) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> )
FirewallRules: [UDP Query User{1A31E3FC-0E7A-41A7-9F55-EA999579A036}C:\program files\dvdfab\playerfab\playerfab.exe] => (Allow) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> )
FirewallRules: [TCP Query User{1C942F16-370B-4B78-B6B4-6B635D82956F}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.)
FirewallRules: [UDP Query User{89826FA4-1210-4D5F-A05A-8B0D32DAC077}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.)
FirewallRules: [{4FF7E0EF-DD6A-4A91-AF2A-B4CF0ECB1A73}] => (Allow) D:\Steamp\steamapps\common\TRYP FPV\TrypFPV.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{654B4501-E19E-4839-9C0A-220946669BF6}] => (Allow) D:\Steamp\steamapps\common\TRYP FPV\TrypFPV.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AD6DFE5D-6CCE-4BC2-8B0B-9DC353F5CD06}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
FirewallRules: [{885E4329-F83F-4148-95B8-6B5FA9FC1C18}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
FirewallRules: [{88F6FB35-AA53-4E69-B8AC-8471B1F7DC29}] => (Allow) D:\Steamp\steamapps\common\DCL - The Game\DCGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EE7DDA8D-B6EB-4514-B36F-64EC887FD6B6}] => (Allow) D:\Steamp\steamapps\common\DCL - The Game\DCGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{949D4AF2-25BC-44D6-A21E-92BA28B7584B}D:\steamp\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) D:\steamp\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe (Drone Champions AG) [File not signed]
FirewallRules: [UDP Query User{9571D019-994C-470A-8753-945D6ABBBF97}D:\steamp\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe] => (Allow) D:\steamp\steamapps\common\dcl - the game\dcgame\binaries\win64\dcgame-win64-shipping.exe (Drone Champions AG) [File not signed]
FirewallRules: [{69D61D48-B5FE-42B6-8BCF-7CA65CBA9F8E}] => (Allow) D:\Steamp\steamapps\common\Call of Duty Vanguard\bootstrapper.exe (Activision Publishing Inc -> )
FirewallRules: [{5B1587B0-A9DC-44DE-9053-A645EA44498C}] => (Allow) D:\Steamp\steamapps\common\Call of Duty Vanguard\bootstrapper.exe (Activision Publishing Inc -> )
FirewallRules: [{E1DE23CB-8B26-4E1D-A115-195E8201E639}] => (Allow) D:\Steamp\steamapps\common\Call of Duty Vanguard\Vanguard.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{698E59DF-B9B7-4242-B708-60FBD57E2097}] => (Allow) D:\Steamp\steamapps\common\Call of Duty Vanguard\Vanguard.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{A22D8555-4FA7-48F1-9EE2-AEDC4A3F646E}C:\program files (x86)\diablo iv\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{7998E2D5-A035-44AF-89E5-D0775BC8F828}C:\program files (x86)\diablo iv\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv\diablo iv.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3A70BC65-9E79-4EBF-A285-86D732599CFF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56377F45-1C84-47B8-8E15-189470C31ECD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{499AA6ED-A3E0-430E-B604-F06ECA36BA56}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2F86801-045C-41DE-B380-8216EECE746A}] => (Allow) LPort=32682

==================== Restore Points =========================

29-08-2023 12:33:24 Naplánovaný kontrolní bod
04-09-2023 05:20:47 Instalační služba modulů systému Windows
13-09-2023 07:39:50 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/18/2023 09:51:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VoiceControlEngine.exe, verze: 1.0.0.6, časové razítko: 0xde434485
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3448, časové razítko: 0x743fa6b7
Kód výjimky: 0xe0434352
Posun chyby: 0x0013d902
ID chybujícího procesu: 0x26a0
Čas spuštění chybující aplikace: 0x01d9ea04f8d88f5f
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e8298ed2-865a-4bc2-ab91-1d34cd1f837b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2023 09:51:57 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: VoiceControlEngine.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.Sockets.SocketException
na System.Net.Sockets.Socket.DoBind(System.Net.EndPoint, System.Net.SocketAddress)
na System.Net.Sockets.Socket.Bind(System.Net.EndPoint)
na System.Net.Sockets.TcpListener.Start(Int32)
na VoiceControlEngine.WebSocketServer.Start()
na VoiceControlEngine.MainWindow..ctor()

Informace o výjimce: System.Windows.Markup.XamlParseException
na System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
na System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
na System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
na System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
na System.Windows.Application.LoadComponent(System.Uri, Boolean)
na System.Windows.Application.DoStartup()
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na VoiceControlEngine.App.Main()

Error: (09/18/2023 09:51:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5e9fe263
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3448, časové razítko: 0x743fa6b7
Kód výjimky: 0xe0434352
Posun chyby: 0x0013d902
ID chybujícího procesu: 0x11a8
Čas spuštění chybující aplikace: 0x01d9ea04f43df508
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 81491b14-fb97-4be1-b927-e87c1142f4dd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2023 09:51:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])

Error: (09/18/2023 08:27:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25203, časové razítko: 0x4da658c2
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.3393, časové razítko: 0x0719f324
Kód výjimky: 0xc000041d
Posun chyby: 0x00005f67
ID chybujícího procesu: 0x2074
Čas spuštění chybující aplikace: 0x01d9e9f87242f3d7
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 868b21d4-11a6-4145-8472-c466d8a11039
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2023 05:49:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: JPWLCVAVRDDXXTGA.exe, verze: 2.0.0.0, časové razítko: 0x621e795b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x18d0
Čas spuštění chybující aplikace: 0x01d9e9dabc13881a
Cesta k chybující aplikaci: C:\Users\Jirka\AppData\Roaming\MAGIX\VEGAS Pro\JPWLCVAVRDDXXTGA.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 67f69e58-266e-486f-9103-73423203e119
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2023 04:49:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: JPWLCVAVRDDXXTGA.exe, verze: 2.0.0.0, časové razítko: 0x621e795b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x1490
Čas spuštění chybující aplikace: 0x01d9e9d255de4fda
Cesta k chybující aplikaci: C:\Users\Jirka\AppData\Roaming\MAGIX\VEGAS Pro\JPWLCVAVRDDXXTGA.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b63bf5c2-eb1c-4164-8e3d-e94127599953
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2023 04:43:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CompatTelRunner.exe, verze: 10.0.19645.1085, časové razítko: 0x79929fe6
Název chybujícího modulu: aemarebackup.dll, verze: 0.0.0.0, časové razítko: 0x97f039af
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000085258
ID chybujícího procesu: 0x438c
Čas spuštění chybující aplikace: 0x01d9e9d9f2eebb61
Cesta k chybující aplikaci: C:\WINDOWS\system32\CompatTelRunner.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\aemarebackup.dll
ID zprávy: af70d572-b17c-46aa-bd7e-5b4933245be8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/18/2023 09:51:44 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (09/18/2023 09:51:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/18/2023 09:51:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (09/18/2023 09:51:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WinDefend byla ukončena s následující chybou:
Obecná chyba odepření přístupu

Error: (09/18/2023 09:51:37 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (09/18/2023 09:51:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Antivirová ochrana v programu Microsoft Defender byla ukončena s následující chybou:
Obecná chyba odepření přístupu

Error: (09/18/2023 09:51:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Antivirová ochrana v programu Microsoft Defender byla ukončena s následující chybou:
Obecná chyba odepření přístupu

Error: (09/18/2023 09:51:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Antivirová ochrana v programu Microsoft Defender byla ukončena s následující chybou:
Obecná chyba odepření přístupu


Windows Defender:
================
Date: 2023-09-04 05:30:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {878C99E4-9517-4F1C-AC56-37E1863230A7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-03 08:58:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {67196DA1-9B63-4BBA-A2F0-918D1C64BAAC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-02 07:23:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6C6646E4-41C4-43F5-90DD-4CC1A4B4A8EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-01 09:35:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1D4E1958-E856-432C-A135-75C7B7CEF478}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-08-31 14:15:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/CandyOpen
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_M:\Filmy\Downloads\MediaInfo_GUI_0.7.24_Windows_i386.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.397.49.0, AS: 1.397.49.0, NIS: 1.397.49.0
Verze modulu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005

CodeIntegrity:
===============
Date: 2023-09-18 09:55:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-18 09:54:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F3b 10/04/2018
Motherboard: Gigabyte Technology Co., Ltd. B450 AORUS PRO-CF
Processor: AMD Ryzen 5 2600X Six-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 16332.56 MB
Available physical RAM: 10856.33 MB
Total Virtual: 20684.56 MB
Available Virtual: 10491.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:21.55 GB) (Model: XPG GAMMIX S11) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:451.81 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: (E) (Fixed) (Total:3726.01 GB) (Free:1745.36 GB) (Model: WDC WD4003FFBX-68MU3N0) NTFS

\\?\Volume{bea04c9f-af26-42d9-995d-e26a73ffb427}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{423c6468-b74a-4544-9187-272b75b837d7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: E814A80B)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#18 Post by Reysanger »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2023
Ran by Jirka (administrator) on DESKTOP-HBD88RJ (Gigabyte Technology Co., Ltd. B450 AORUS PRO) (18-09-2023 09:53:44)
Running from C:\Users\Jirka\Desktop\FRST64.exe
Loaded Profiles: Jirka
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe ->) (7C884E9B-DF9D-4178-B4E5-7948497ADBBA -> f.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\flux.exe
(explorer.exe ->) (7C884E9B-DF9D-4178-B4E5-7948497ADBBA -> ) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
(explorer.exe ->) (DVDFab Software Inc. -> ) C:\Program Files\DVDFab\PlayerFab\liveUpdate.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) D:\Program Files\trezor\TREZOR Bridge\trezord.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <31>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bdb2eb4088db0b4b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.52331.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (NVIDIA Corporation) [File not signed] C:\Users\Jirka\AppData\Roaming\MAGIX\VEGAS Pro\JPWLCVAVRDDXXTGA.exe <4>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [Steam] => D:\Steamp\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [44161792 2023-09-01] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [611dd93a9b5c578be68b17d997792402] => "C:\Program Files\DVDFab\DVDFab 12\LiveUpdate.exe" --run_mode=background_check (No File)
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [PlayerFab] => C:\Program Files\DVDFab\PlayerFab\PlayerFab.exe [23783752 2023-06-27] (DVDFab Software Inc. -> )
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [4f63842c5ef1a9d4ee3c64ea199dba50] => C:\Program Files\DVDFab\PlayerFab\liveUpdate.exe [7590216 2023-06-27] (DVDFab Software Inc. -> )
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [MicrosoftEdgeAutoLaunch_9351DC8C75826C8A9C791E0FFD3CBFF5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4219448 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-09-29]
ShortcutTarget: TREZOR Bridge.lnk -> D:\Program Files\trezor\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6d3fd2aa-f83c-4c04-bf03-93df6651834a} - no filepath. <==== ATTENTION
Task: {d5300051-ee82-4328-b426-60c95057cc2e} - no filepath. <==== ATTENTION
Task: {C99AB2A6-8180-4311-AFBE-69AB34E3ED6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {3F5BA140-0684-4FE2-A9C5-48A088B858D1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {74550FC8-3F87-4274-BF36-EFA252505BFB} - System32\Tasks\JPWLCVAVRDDXXTGA_run => C:\Users\Jirka\AppData\Roaming\MAGIX\VEGAS Pro\JPWLCVAVRDDXXTGA.exe [891368 2022-06-26] (NVIDIA Corporation) [File not signed]
Task: {F996771D-8D36-4413-9684-A169C6A288FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF872067-B6B2-4D11-82B0-FAAA38986234} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0EBEEAF1-C7DC-4521-A2FB-C6EC88274A72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C00F7DD2-AF75-4F5F-846E-28556CFE0569} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8A6FEB1-2329-4C73-A7D6-E0800C75A669} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {21675527-B305-4AFA-B70B-EC4CD04E2B95} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {888FBCBE-1748-4895-963C-C1EE62D03A7F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 85F4D821BAA65D0F => C:\Users\Jirka\AppData\Local\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {FAB1DFD3-1134-4E20-9C9E-6F9162DC2C36} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-03-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {3B8DAA22-B788-4486-A5E9-1D0637507EBB} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [78648 2021-03-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {9E02C1A5-A205-46AF-8752-6E54CE359413} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1674576 2021-03-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {AD687932-A953-46CA-82D4-BB169FF887C7} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {3F36E25F-7F9B-49F0-BAD9-732C9A7CDFF0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1CCCFFBD-9346-4AF9-9D43-E96FDBE0F9B2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B7C48D1E-595C-403E-9957-158E7B37D241} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E21B40A8-B5D9-4D04-AD7A-AD32DE4C3E8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC8FB826-A234-4204-AB21-69DBFF0BAE65} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB4DE027-B36F-4646-AD34-1E7B0AC1AAC4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {965EA20B-EB90-4689-95B6-BE1A0588BCE0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED57E6D3-5AD4-43E5-BD21-A93E0FCC1148} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {02EC2559-6A72-40A1-8D70-D97501834077} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E99A00B4-DC51-4D74-9C93-D86A021ECC92} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2147776618-328994716-1476381886-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.18.1
Tcpip\..\Interfaces\{77e61f90-d511-49c1-a4e6-8b232e0e4137}: [NameServer] 8.8.8.8,208.67.222.222
Tcpip\..\Interfaces\{77e61f90-d511-49c1-a4e6-8b232e0e4137}: [DhcpNameServer] 192.168.18.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-09-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Jirka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: z47imitc.default
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\70gl8hsf.default-release [2023-02-04]
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default [2023-09-18]
FF DownloadDir: D:\Stažene\Karaga
FF Homepage: Mozilla\Firefox\Profiles\z47imitc.default -> hxxps://www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\z47imitc.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10427__190823
FF Notifications: Mozilla\Firefox\Profiles\z47imitc.default -> hxxps://sktorrent.eu; hxxps://forhonor.ubisoft.com; hxxps://gazellegames.net; hxxps://freebitco.in; hxxps://s49-en.gladiatus.gameforge.com; hxxps://www.knizniklub.cz
FF HomepageOverride: Mozilla\Firefox\Profiles\z47imitc.default -> Disabled: _j7Members_@www.convertdocsonline.com
FF NewTabOverride: Mozilla\Firefox\Profiles\z47imitc.default -> Disabled: _j7Members_@www.convertdocsonline.com
FF Extension: (Dark Reader) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\addon@darkreader.org.xpi [2023-08-14]
FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\browsec@browsec.com.xpi [2023-09-15]
FF Extension: (MetaMask) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\webextension@metamask.io.xpi [2023-09-15]
FF Extension: (Dark Mode) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2022-07-09]
FF Extension: (Gladiatus Crazy Add On) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\{7fb9a47c-8237-47dd-a247-bf2cb7f07e2a}.xpi [2022-09-24]
FF Extension: (Grayfox) - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\z47imitc.default\Extensions\{ceb971ca-37e6-4c49-ab6e-1d1a97a1eb8c}.xpi [2020-10-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-29] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-29] (Adobe Systems Incorporated -> )
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin HKU\S-1-5-21-2147776618-328994716-1476381886-1002: @jlgplayer3.julegame.com -> C:\Users\Jirka\AppData\Local\JuleGame\jlgplayer\npjlgplayer3.dll [2019-10-14] (成都云合互动科技有限公司 -> Jule game technology co.,ltd)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default [2023-02-04]
CHR Extension: (Prezentace) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-08]
CHR Extension: (Dokumenty) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-08]
CHR Extension: (Disk Google) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-08]
CHR Extension: (YouTube) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-08]
CHR Extension: (Cleanflight - Configurator) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\enacoimjcgeinfnnnpajinjgmkahmfgb [2020-06-09]
CHR Extension: (Tabulky) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (Betaflight - Configurator) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2020-06-08]
CHR Extension: (AVG SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-08-20]
CHR Extension: (BLHeli - Configurator) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mejfjggmbnocnfibbibmoogocnjbcjnk [2020-06-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-08]
CHR Extension: (Gmail) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-16]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8923096 2022-05-18] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810984 2022-06-13] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-04-22] (Mixbyte Inc -> Freemake)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10676992 2023-09-01] (Logitech Inc -> Logitech, Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-18] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [21753376 2021-02-26] (Mail.Ru LLC -> LLC Mail.Ru)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [131568 2021-01-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32752 2021-02-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35848 2021-01-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557656 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476184 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2021-10-06] (Even Balance, Inc. -> )
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [102648 2021-01-29] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-01-29] (Proton Technologies AG -> )
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6973168 2021-06-25] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [7235784 2021-06-25] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bdb2eb4088db0b4b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_bdb2eb4088db0b4b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc. -> SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc. -> SlySoft, Inc.)
S3 atvi-geirdriful_steam; D:\Steamp\steamapps\common\Call of Duty Vanguard\geirdriful.sys [2196736 2023-04-04] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [276256 2022-11-26] (Digiarty, Inc. -> Digiarty Software, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-13] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 eustub; C:\WINDOWS\System32\drivers\eusbstub.sys [43440 2019-12-23] (Electronic Team, Inc -> Electronic Team, Inc.)
S3 gdrv; C:\Windows\gdrv.sys [26792 2018-10-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv2; C:\Windows\gdrv2.sys [32720 2018-10-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [52520 2023-04-16] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-22] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-18] (Malwarebytes Inc. -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20986200 2021-02-26] (Mail.Ru LLC -> LLC Mail.Ru)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 vuhub; C:\WINDOWS\System32\drivers\vuhub.sys [163760 2019-12-23] (Electronic Team, Inc -> Electronic Team, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2729456 2021-06-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-18 09:53 - 2023-09-18 09:54 - 000033883 _____ C:\Users\Jirka\Desktop\FRST.txt
2023-09-18 09:51 - 2023-09-18 09:51 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-18 09:51 - 2023-09-18 09:51 - 000000000 ____D C:\Users\Jirka\AppData\LocalLow\IGDump
2023-09-18 09:50 - 2023-09-18 09:53 - 002382848 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2023-09-18 08:28 - 2023-09-18 09:52 - 000000000 ____D C:\Users\Jirka\AppData\Local\Malwarebytes
2023-09-18 08:28 - 2023-09-18 08:28 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-18 08:28 - 2023-09-18 08:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-18 08:28 - 2023-09-18 08:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-18 08:27 - 2023-09-18 08:28 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-18 08:22 - 2023-09-18 08:23 - 000000000 ____D C:\Users\Jirka\Desktop\Strays.2023.1080p.WEBRip.1400MB.DD5.1.x264-GalaxyRG
2023-09-18 08:21 - 2023-09-18 08:21 - 002606880 _____ (Malwarebytes) C:\Users\Jirka\Desktop\MBSetup.exe
2023-09-15 08:15 - 2023-09-15 08:15 - 013282410 _____ C:\Users\Jirka\Desktop\377983285_277953668370215_8424198779312549619_n.mp4
2023-09-15 04:15 - 2023-09-15 04:15 - 000000000 ____D C:\Users\Jirka\AppData\Local\Backup
2023-09-14 16:16 - 2023-09-14 16:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-09-14 16:12 - 2023-09-03 23:47 - 001227400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-09-14 16:12 - 2023-09-03 23:47 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-14 16:12 - 2023-09-03 23:47 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-09-14 16:12 - 2023-09-03 23:47 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-14 16:12 - 2023-09-03 23:47 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-09-14 16:12 - 2023-09-03 23:47 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-09-14 16:12 - 2023-09-03 23:47 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-09-14 16:12 - 2023-09-03 23:47 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-14 16:12 - 2023-09-03 23:47 - 000637120 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-09-14 16:12 - 2023-09-03 23:45 - 000939144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-09-14 16:12 - 2023-09-03 23:45 - 000669320 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-09-14 16:12 - 2023-09-03 23:45 - 000503928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 012066424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 002168456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 001621624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 001537656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 001195128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 000992376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 000777336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-09-14 16:12 - 2023-09-03 23:44 - 000768120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-09-14 16:12 - 2023-09-03 23:44 - 000459384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-09-14 16:12 - 2023-09-03 23:43 - 014520440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-09-14 16:12 - 2023-09-03 23:43 - 006190728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-09-14 16:12 - 2023-09-03 23:43 - 005845640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-09-14 16:12 - 2023-09-03 23:43 - 005550728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-09-14 16:12 - 2023-09-03 23:43 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-09-14 16:12 - 2023-09-01 22:26 - 000108122 _____ C:\WINDOWS\system32\nvinfo.pb
2023-09-13 07:40 - 2023-09-13 07:40 - 000000000 ___HD C:\$WinREAgent
2023-09-13 04:04 - 2023-09-13 07:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-01 22:32 - 2023-09-01 22:32 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\G HUB
2023-09-01 22:32 - 2023-09-01 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-09-01 22:32 - 2023-09-01 22:32 - 000000000 ____D C:\Program Files\LGHUB
2023-08-27 16:27 - 2023-08-27 16:27 - 012160512 _____ (Tim Kosse) C:\Users\Jirka\Downloads\FileZilla_3.65.0_win64-setup.exe
2023-08-23 18:23 - 2023-08-23 18:23 - 044615640 _____ C:\Users\Jirka\Desktop\369713561_573383964815400_5786855424785116121_n.mp4
2023-08-19 10:23 - 2023-08-19 10:23 - 016320295 _____ C:\Users\Jirka\Desktop\Chuze lesem_Ernst Jünger (1951).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-18 09:54 - 2019-10-14 11:49 - 000000000 ____D C:\FRST
2023-09-18 09:52 - 2022-11-26 15:35 - 000000000 ____D C:\Users\Jirka\Documents\DVDFab
2023-09-18 09:52 - 2022-11-26 15:17 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-09-18 09:52 - 2021-02-04 21:05 - 000000000 ____D C:\Users\Jirka\AppData\Local\LGHUB
2023-09-18 09:52 - 2018-10-18 16:02 - 000000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2023-09-18 09:52 - 2018-10-16 13:00 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-18 09:51 - 2020-08-21 11:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-18 09:51 - 2020-08-21 11:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-18 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-18 09:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-18 09:50 - 2022-11-17 20:33 - 000000000 ____D C:\Program Files (x86)\uTorrent
2023-09-18 08:37 - 2018-10-18 16:09 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2023-09-18 08:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-18 08:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-18 08:28 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-18 08:27 - 2019-09-10 08:07 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\uTorrent
2023-09-17 20:53 - 2020-05-15 11:57 - 000182576 _____ C:\Users\Jirka\Desktop\zapis.txt
2023-09-17 03:41 - 2020-06-08 20:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-16 20:37 - 2022-11-11 18:47 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Skype for Desktop
2023-09-16 17:57 - 2022-10-11 15:18 - 000000000 ____D C:\Users\Jirka\Desktop\Kabát El Presidento
2023-09-16 13:26 - 2020-08-21 11:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-15 07:16 - 2020-08-21 11:34 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-15 07:16 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-15 07:16 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-15 07:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-09-15 07:09 - 2018-10-17 19:13 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\MMC
2023-09-14 16:16 - 2018-11-19 17:31 - 000000000 ____D C:\Users\Jirka\AppData\Local\NVIDIA
2023-09-14 04:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 17:28 - 2022-10-13 15:49 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-13 17:28 - 2022-10-13 15:49 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-09-13 17:28 - 2020-08-21 11:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-13 08:02 - 2018-10-17 18:04 - 000000000 ____D C:\Users\Jirka\AppData\Local\Packages
2023-09-13 07:51 - 2020-08-21 11:24 - 000295552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-13 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-13 07:46 - 2020-08-21 11:26 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 07:20 - 2021-11-28 12:52 - 000001318 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-13 07:20 - 2019-09-19 10:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-13 07:20 - 2018-10-18 11:22 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-13 05:35 - 2018-10-18 08:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 05:32 - 2018-10-18 08:43 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-09 20:39 - 2022-11-11 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-09-03 23:47 - 2022-06-29 09:31 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-09-03 23:43 - 2022-06-29 09:31 - 003483272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-09-03 23:42 - 2023-07-11 17:41 - 006738032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-09-03 23:42 - 2020-08-17 17:43 - 007858224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-09-01 22:32 - 2021-02-04 21:05 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\LGHUB
2023-09-01 16:16 - 2018-11-11 22:18 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\FileZilla
2023-09-01 14:23 - 2020-03-09 23:24 - 000000128 _____ C:\Users\Jirka\AppData\Local\PUTTY.RND
2023-08-31 14:19 - 2020-09-29 17:04 - 000000000 ____D C:\Users\Jirka\AppData\Roaming\TREZOR Bridge
2023-08-30 20:07 - 2018-10-16 12:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-30 05:32 - 2021-01-24 09:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2022-03-19 18:08 - 2021-12-26 16:00 - 000215040 _____ (Igor Pavlov) C:\Program Files\7zxa.dll
2022-03-19 18:08 - 2022-03-06 15:20 - 000321536 _____ () C:\Program Files\Default.SFX
2022-03-19 18:08 - 2022-03-06 15:20 - 000371200 _____ () C:\Program Files\Default64.SFX
2022-03-19 18:08 - 2022-01-04 12:35 - 000002534 _____ () C:\Program Files\Descript.ion
2022-03-19 18:08 - 2022-01-02 20:43 - 000006870 _____ () C:\Program Files\License.txt
2022-03-19 18:08 - 2014-05-22 18:31 - 000006880 _____ () C:\Program Files\License_US.txt
2022-03-19 18:08 - 2022-03-07 09:16 - 000004108 _____ () C:\Program Files\Order.htm
2022-03-19 18:08 - 2022-03-03 15:16 - 000627352 _____ (Alexander Roshal) C:\Program Files\Rar.exe
2022-03-19 18:08 - 2022-02-22 12:30 - 000109934 _____ () C:\Program Files\Rar.txt
2022-03-19 18:08 - 2022-03-03 15:16 - 000647832 _____ (Alexander Roshal) C:\Program Files\RarExt.dll
2022-03-19 18:08 - 2022-03-03 15:16 - 000557720 _____ (Alexander Roshal) C:\Program Files\RarExt32.dll
2022-03-19 18:08 - 2022-03-03 15:16 - 000180888 _____ (Alexander Roshal) C:\Program Files\RarExtInstaller.exe
2022-03-19 18:08 - 2021-10-21 18:36 - 000002183 _____ () C:\Program Files\RarExtLogo.altform-unplated_targetsize-32.png
2022-03-19 18:08 - 2021-10-21 18:36 - 000004179 _____ () C:\Program Files\RarExtLogo.altform-unplated_targetsize-48.png
2022-03-19 18:08 - 2021-10-21 19:54 - 000006234 _____ () C:\Program Files\RarExtLogo.altform-unplated_targetsize-64.png
2022-03-19 18:08 - 2022-03-03 15:15 - 000023531 _____ () C:\Program Files\RarExtPackage.msix
2022-03-19 18:08 - 2017-09-07 01:11 - 000001335 _____ () C:\Program Files\RarFiles.lst
2022-03-19 18:08 - 2022-03-07 10:15 - 000993432 _____ () C:\Program Files\rarlng.dll
2022-03-19 18:09 - 2022-03-19 18:09 - 000000024 _____ () C:\Program Files\rarnew.dat
2022-03-19 18:09 - 2022-03-19 18:08 - 000000486 _____ () C:\Program Files\rarreg.key
2022-03-19 18:08 - 2022-01-04 12:36 - 000001642 _____ () C:\Program Files\ReadMe.txt
2022-03-19 18:08 - 2022-03-03 15:16 - 000422552 _____ (Alexander Roshal) C:\Program Files\Uninstall.exe
2022-03-19 18:08 - 2022-01-03 00:06 - 000000826 _____ () C:\Program Files\Uninstall.lst
2022-03-19 18:08 - 2022-03-03 15:16 - 000427160 _____ (Alexander Roshal) C:\Program Files\UnRAR.exe
2022-03-19 18:08 - 2022-03-06 16:09 - 000225808 _____ () C:\Program Files\WhatsNew.txt
2022-03-19 18:08 - 2022-02-22 14:21 - 000097656 _____ () C:\Program Files\WhatsNew_US.txt
2022-03-19 18:08 - 2022-03-06 15:20 - 000292864 _____ (Alexander Roshal) C:\Program Files\WinCon.SFX
2022-03-19 18:08 - 2022-03-06 15:20 - 000344576 _____ (Alexander Roshal) C:\Program Files\WinCon64.SFX
2022-03-19 18:08 - 2022-02-24 12:20 - 000410812 _____ () C:\Program Files\WinRAR.chm
2022-03-19 18:08 - 2022-03-03 15:16 - 002461336 _____ (Alexander Roshal) C:\Program Files\WinRAR.exe
2022-03-19 18:08 - 2022-03-06 15:20 - 000272384 _____ () C:\Program Files\Zip.SFX
2022-03-19 18:08 - 2022-03-06 15:20 - 000307200 _____ () C:\Program Files\Zip64.SFX
2022-03-19 18:09 - 2022-03-19 18:09 - 000000022 _____ () C:\Program Files\zipnew.dat
2023-02-01 13:15 - 2023-02-01 13:15 - 000000171 _____ () C:\Users\Jirka\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2023-02-01 13:15 - 2023-02-01 13:15 - 000000304 _____ () C:\Users\Jirka\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2022-11-26 15:34 - 2022-11-26 15:34 - 000000171 _____ () C:\Users\Jirka\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-04-13 16:34 - 2020-04-13 16:34 - 000040460 _____ () C:\Users\Jirka\AppData\Roaming\edz_0D0A0E0M0O0N0T1F1F1I1B1V0F0StJ1V0A0V0A0S0T.txt
2020-04-13 16:34 - 2020-04-13 16:34 - 000284028 _____ () C:\Users\Jirka\AppData\Roaming\edz_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2023-02-01 13:15 - 2023-02-01 13:15 - 000000175 _____ () C:\Users\Jirka\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2020-10-07 11:17 - 2023-03-11 18:16 - 000000128 _____ () C:\Users\Jirka\AppData\Roaming\PUTTY.RND
2020-05-11 17:34 - 2021-08-10 15:43 - 000052303 _____ () C:\Users\Jirka\AppData\Local\PlariumPlay.log
2020-03-09 23:24 - 2023-09-01 14:23 - 000000128 _____ () C:\Users\Jirka\AppData\Local\PUTTY.RND
2021-05-19 11:40 - 2021-05-19 11:40 - 000000001 _____ () C:\Users\Jirka\AppData\Local\RawCopy.1.10.agreement
2021-05-19 11:43 - 2021-05-19 11:46 - 000000001 _____ () C:\Users\Jirka\AppData\Local\RawCopy.sourcedisk.index
2021-05-14 19:02 - 2022-12-13 10:33 - 000007603 _____ () C:\Users\Jirka\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#19 Post by Rudy »

Open Notepad and copy the following into it:

Start

CloseProcesses:
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [611dd93a9b5c578be68b17d997792402] => "C:\Program Files\DVDFab\DVDFab 12\LiveUpdate.exe" --run_mode=background_check (No File)
Task: {6d3fd2aa-f83c-4c04-bf03-93df6651834a} - no filepath. <==== ATTENTION
Task: {d5300051-ee82-4328-b426-60c95057cc2e} - no filepath. <==== ATTENTION
C:\DumpStack.log.tmp
C:\Users\Jirka\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
C:\Users\Jirka\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
C:\Users\Jirka\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
C:\Users\Jirka\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
AlternateDataStreams: C:\Users\Jirka\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
FirewallRules: [TCP Query User{BD9B5272-AA7B-481E-9641-8B91BBA8675E}C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Block) C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{8D8FE183-C8E1-494A-AAFA-CFF89A2082ED}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{3F33CEE0-DD2B-44D8-A899-B3A821D1C314}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [{A5236DBD-C007-4229-9E5C-F95C063220CA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{ABE7535E-E44C-42AF-9D43-38D0534FD6E4}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{9518EF88-2DED-477A-83D2-69330C8F7031}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{0C70E994-6D6B-4F49-9BED-8A4DC00F2DF5}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [{AD6DFE5D-6CCE-4BC2-8B0B-9DC353F5CD06}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
FirewallRules: [{885E4329-F83F-4148-95B8-6B5FA9FC1C18}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
M:\Filmy\Downloads\MediaInfo_GUI_0.7.24_Windows_i386.exe


EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#20 Post by Reysanger »

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2023
Ran by Jirka (18-09-2023 13:39:02) Run:2
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2147776618-328994716-1476381886-1002\...\Run: [611dd93a9b5c578be68b17d997792402] => "C:\Program Files\DVDFab\DVDFab 12\LiveUpdate.exe" --run_mode=background_check (No File)
Task: {6d3fd2aa-f83c-4c04-bf03-93df6651834a} - no filepath. <==== ATTENTION
Task: {d5300051-ee82-4328-b426-60c95057cc2e} - no filepath. <==== ATTENTION
C:\DumpStack.log.tmp
C:\Users\Jirka\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
C:\Users\Jirka\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
C:\Users\Jirka\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
C:\Users\Jirka\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
AlternateDataStreams: C:\Users\Jirka\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
FirewallRules: [TCP Query User{BD9B5272-AA7B-481E-9641-8B91BBA8675E}C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe] => (Block) C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe => No File
FirewallRules: [TCP Query User{8D8FE183-C8E1-494A-AAFA-CFF89A2082ED}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{3F33CEE0-DD2B-44D8-A899-B3A821D1C314}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe] => (Allow) D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe => No File
FirewallRules: [{A5236DBD-C007-4229-9E5C-F95C063220CA}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{ABE7535E-E44C-42AF-9D43-38D0534FD6E4}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{9518EF88-2DED-477A-83D2-69330C8F7031}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{0C70E994-6D6B-4F49-9BED-8A4DC00F2DF5}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [{AD6DFE5D-6CCE-4BC2-8B0B-9DC353F5CD06}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
FirewallRules: [{885E4329-F83F-4148-95B8-6B5FA9FC1C18}] => (Allow) D:\Steamp\steamapps\common\Isonzo\Isonzo\Isonzo.exe => No File
M:\Filmy\Downloads\MediaInfo_GUI_0.7.24_Windows_i386.exe


EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2147776618-328994716-1476381886-1002\Software\Microsoft\Windows\CurrentVersion\Run\\611dd93a9b5c578be68b17d997792402" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d3fd2aa-f83c-4c04-bf03-93df6651834a}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d5300051-ee82-4328-b426-60c95057cc2e}" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Jirka\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f => moved successfully
C:\Users\Jirka\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 => moved successfully
C:\Users\Jirka\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf => moved successfully
C:\Users\Jirka\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 => moved successfully
C:\Users\Jirka\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD9B5272-AA7B-481E-9641-8B91BBA8675E}C:\users\jirka\appdata\local\chia-blockchain\app-1.1.5\resources\app.asar.unpacked\daemon\start_farmer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8D8FE183-C8E1-494A-AAFA-CFF89A2082ED}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3F33CEE0-DD2B-44D8-A899-B3A821D1C314}D:\steamp\steamapps\common\world of tanks\eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5236DBD-C007-4229-9E5C-F95C063220CA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABE7535E-E44C-42AF-9D43-38D0534FD6E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9518EF88-2DED-477A-83D2-69330C8F7031}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0C70E994-6D6B-4F49-9BED-8A4DC00F2DF5}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD6DFE5D-6CCE-4BC2-8B0B-9DC353F5CD06}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{885E4329-F83F-4148-95B8-6B5FA9FC1C18}" => removed successfully
"M:\Filmy\Downloads\MediaInfo_GUI_0.7.24_Windows_i386.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1073061836 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 364582935 B
Windows/system/drivers => 12509684 B
Edge => 0 B
Chrome => 0 B
Firefox => 1861640586 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 56798 B
NetworkService => 349178 B
Jirka => 34945701 B

RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-09-2023 13:41:57)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:41:57 ====
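
An added example, not part of the original thread and not code from FRST: a short Python triage of a Fixlog like the one posted above. It groups each `=>` result by outcome, sums the EmptyTemp byte counts, and flags entries that were not actually removed. The outcome strings are the ones visible in this log; the function names and the shortened sample are assumptions of this example.

```python
import re
from collections import defaultdict

# Shortened sample built from lines of the Fixlog posted in this thread.
SAMPLE_FIXLOG = r'''
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6d3fd2aa-f83c-4c04-bf03-93df6651834a}" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Jirka\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f => moved successfully
C:\Users\Jirka\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"M:\Filmy\Downloads\MediaInfo_GUI_0.7.24_Windows_i386.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
Firefox => 1861640586 B
Jirka => 34945701 B

RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-09-2023 13:41:57)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:41:57 ====
'''

# Outcome labels (hypothetical names) keyed on the text to the right of "=>".
OUTCOMES = [
    ("removed", re.compile(r"removed successfully$")),
    ("moved", re.compile(r"moved successfully$")),
    ("not_found", re.compile(r"^not found$")),
    ("pending_reboot", re.compile(r"^Scheduled to move on reboot\.$")),
    ("failed", re.compile(r"^Could not move$")),
]
SIZE = re.compile(r"^(\d+) B$")          # EmptyTemp counters, e.g. "Firefox => 1861640586 B"
DEFERRED_PREFIX = "Could not move "


def parse_fixlog(text):
    """Return ({outcome: [targets]}, total EmptyTemp bytes) for a Fixlog body."""
    results = defaultdict(list)
    temp_bytes = 0
    for raw in text.splitlines():
        line = raw.strip()
        if " => " not in line:
            continue                      # banners, blank lines, fixlist echo
        target, _, outcome = line.rpartition(" => ")
        size = SIZE.match(outcome)
        if size:
            temp_bytes += int(size.group(1))
            continue
        if target.startswith(DEFERRED_PREFIX):
            target = target[len(DEFERRED_PREFIX):]
        target = target.strip('"')
        for label, pattern in OUTCOMES:
            if pattern.search(outcome):
                results[label].append(target)
                break
    return dict(results), temp_bytes


def needs_follow_up(results):
    """Entries the fix did not remove: failed after reboot, or never found."""
    return {
        "still_present": sorted(set(results.get("failed", []))),
        "not_found": list(results.get("not_found", [])),
    }


if __name__ == "__main__":
    parsed, freed = parse_fixlog(SAMPLE_FIXLOG)
    for label, targets in parsed.items():
        print(label, len(targets))
    print("EmptyTemp bytes in sample:", freed)
    print(needs_follow_up(parsed))
```
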

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#21 Post by Rudy »

Deleted. Has anything changed?

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#22 Post by Reysanger »

Well, when I turn off Malwarebytes, then
[Image]

And when it is on, it's fine, weird

Yeah, I use uTorrent for downloading, so I'll download a different application then
And this keeps popping up for me [Image]
[Image]

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#23 Post by Rudy »

If you install a third-party AV, Windef switches itself off automatically, so the system is actually reporting the status of that installed AV. You have 2 options:

1. Do a system restore to a date when it was working correctly. You must of course uninstall MBAM.
2. Install a third-party AV and keep it on the system.

Personally I would go with option 2. Windef is not much of an AV.

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#24 Post by Reysanger »

What do you mean by AV? Antivirus, and which one do you recommend?

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#25 Post by Rudy »

What do I mean? That AV is antivirus. Avast Free might suit you: https://www.avast.com/cs-cz/lp-ppc-free ... c=aw.ds#pc.

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#26 Post by Reysanger »

So not Avast Premium Security

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#27 Post by Reysanger »

But when I turn off Malwarebytes, it shows me [Image] again; surely that should already have a green check mark and not a cross.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#28 Post by Rudy »

Why not Avast? I was not writing about any Avast Premium Security, but about Avast Free. Just uninstall MBAM as normal and don't worry about anything else. You have a firewall in the system.

Reysanger
Visitor
Posts: 36
Registered: 17 Jun 2011 18:45

Re: Windows Defender service has stopped

#29 Post by Reysanger »

OK. But what did I actually have on the PC, that uTorrent? And why does it keep wanting a reset - against threats, viruses

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender service has stopped

#30 Post by Rudy »

Probably because torrent is a breeding ground for viruses and you evidently downloaded something through it. The best thing would be to uninstall it. For now, try reinstalling it, or pick another client and install that. By the way, some foreign forums do not deal with infected systems that have a torrent client installed. They treat it as deliberate infection.

Locked