Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by Mimic (administrator) on DESKTOP-0G63EDE (Gigabyte Technology Co., Ltd. AB350-Gaming 3) (20-04-2021 10:43:07)
Running from D:\staženéé
Loaded Profiles: Mimic & Administrator
Platform: Windows 10 Pro Version 1903 18362.778 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [4StoryPrePatch] => D:\4secret\4SecretPrePatch.exe
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [btweb] => "C:\Users\Mimic\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-02-28] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3518016 2021-03-16] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1235492812-2151765122-4279266773-1002\...\Policies\system: [DisableLockWorkstation] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
Startup: C:\Users\Mimic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-12-06]
ShortcutTarget: Twitch.lnk -> C:\Users\Mimic\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07C19DA9-9809-4E3C-A0EF-71A9A73AC8A9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0B0DB705-37EA-4968-946C-030378D84EBF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {10FE5B53-9E7D-4ADE-BF14-F16A405BAE2B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1122F02D-E2F3-4BFC-8ECF-C37F95D5BB7F} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe [8287552 2021-02-05] (Outbyte Computing Pty Ltd -> Outbyte) <==== ATTENTION
Task: {1BD676E1-AA73-4FED-A03C-8417BAE84505} - System32\Tasks\Apple Diagnostics => C:\Users\Mimic\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2020-04-10] ()
Task: {29354060-62E1-4282-8B37-A77EC565D331} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {297E0AEE-4D81-4A0E-BE3F-B57D62E94A13} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49332DF1-7BB7-43E1-9BB3-D0453BB0EAFC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F46DDDF-FB8A-4686-ABFB-0D0793CD9EFB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F840A11-67B3-48C6-8341-2D01E58AE617} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71175C86-518C-44C7-B01B-827AA95F1810} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {857BF743-6CB9-4AE7-BEE6-59A3D03F1504} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
Task: {8891E9FD-4515-4B4E-9B5D-81A18A4697C8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98AD43E8-36DF-4981-A1A1-AEFD90354284} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-21] (Adobe Inc. -> Adobe)
Task: {C3C945C1-9ADA-459C-8EAA-1302C641C29A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E15CC287-61C8-46C7-9FC9-54B3C06153DA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-08] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.27.195.6
Tcpip\..\Interfaces\{5582edf2-6605-4509-9265-68cb85011cfc}: [DhcpNameServer] 81.27.195.6

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-04-15] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default [2021-04-20]
CHR Notifications: Default -> hxxps://manius.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-26]
CHR Extension: (Dokumenty) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-26]
CHR Extension: (Disk Google) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-26]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2021-04-05]
CHR Extension: (Tabulky) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-07]
CHR Extension: (Záložky na iCloudu) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-05-01]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-14]
CHR Extension: (Vysor) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-17]
CHR Profile: C:\Users\Mimic\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera: 
=======
OPR Profile: C:\Users\Mimic\AppData\Roaming\Opera Software\Opera Stable [2021-03-17]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-21] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2020-12-29] (Apple Inc. -> Apple Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810928 2021-02-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [568480 2021-01-11] (Gameforge 4D GmbH -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-23] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-04-15] (McAfee, LLC -> McAfee, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1123336 2021-03-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [321544 2021-03-03] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-12-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294464 2021-03-16] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 TNTClientDaemonMS2; C:\Program Files (x86)\GameforgeLoginMS2\daemon.exe [406184 2019-02-28] (Gameforge 4D GmbH -> )
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-02-28] (LAVASOFT SOFTWARE CANADA INC -> )
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-08] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-16] (Microsoft Corporation) [File not signed]
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-02] (Malwarebytes Inc -> Malwarebytes)
R3 ObDrvMonPCRSrv; C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [186544 2021-01-12] (Outbyte Computing Pty Ltd -> Outbyte)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54168 2020-11-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025a; C:\WINDOWS\System32\drivers\RzDev_025a.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2021-02-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-08 21:35 - 2021-04-08 21:35 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-08 21:35 - 2021-04-08 21:35 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd94e682e5b962504.tmp
2021-04-08 10:54 - 2021-04-08 10:54 - 000189112 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastAPI64.dll
2021-04-08 10:54 - 2021-04-08 10:54 - 000165056 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaBroadcastManager64.dll
2021-04-08 10:54 - 2021-04-08 10:54 - 000154808 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastAPI.dll
2021-04-08 10:54 - 2021-04-08 10:54 - 000134848 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaBroadcastManager.dll
2021-04-05 21:37 - 2021-04-19 22:39 - 000000000 ___DC C:\Users\Mimic\AppData\LocalLow\uTorrent
2021-03-26 13:50 - 2021-03-26 14:21 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\coc2electron
2021-03-26 13:50 - 2021-03-26 13:50 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\CoC II
2021-03-23 14:40 - 2021-03-23 15:02 - 000000000 ____D C:\Users\Mimic\AppData\Local\Razer
2021-03-23 14:40 - 2021-03-23 14:40 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\Synapse3
2021-03-23 14:40 - 2021-03-23 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-03-23 14:39 - 2021-04-19 11:57 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2021-03-23 14:39 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2021-03-23 14:39 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files\Razer
2021-03-23 14:37 - 2021-03-23 14:39 - 000000000 ____D C:\Program Files (x86)\Razer
2021-03-23 14:12 - 2021-03-23 15:02 - 000000000 ____D C:\ProgramData\Razer
2021-03-23 09:49 - 2021-03-23 09:49 - 000000000 ____D C:\Users\Mimic\AppData\Local\ali213GameLauncher

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-20 10:43 - 2020-05-09 01:17 - 000000000 ____D C:\FRST
2021-04-20 10:42 - 2021-02-23 15:44 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{445A50B5-41A2-4C37-9686-B5F8F8E539DB}
2021-04-20 10:42 - 2020-05-31 00:23 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1235492812-2151765122-4279266773-500
2021-04-20 10:42 - 2019-10-16 09:52 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:42 - 2019-10-16 09:52 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-04-20 10:37 - 2019-10-16 09:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-20 10:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-20 10:21 - 2018-12-24 16:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-20 10:20 - 2020-06-21 22:18 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\uTorrent
2021-04-20 10:20 - 2020-05-01 13:08 - 000000000 ____D C:\Users\Mimic\AppData\Roaming\discord
2021-04-20 10:20 - 2019-09-14 07:23 - 000000000 ___DC C:\Users\Mimic\AppData\Roaming\Twitch
2021-04-20 10:17 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-20 09:44 - 2019-10-16 09:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-20 03:29 - 2020-05-01 13:08 - 000000000 ____D C:\Users\Mimic\AppData\Local\Discord
2021-04-20 02:07 - 2019-10-16 09:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-20 01:17 - 2019-01-02 16:02 - 000000000 ___DC C:\Users\Mimic\AppData\Roaming\vlc
2021-04-19 14:06 - 2018-12-24 23:24 - 000000000 ___DC C:\Users\Mimic\AppData\Local\D3DSCache
2021-04-19 13:48 - 2020-06-04 23:14 - 000000000 ____D C:\Users\Mimic\AppData\Local\UnrealEngine
2021-04-19 11:56 - 2020-04-11 12:54 - 000000000 ____D C:\Users\Mimic\AppData\Local\BitTorrentHelper
2021-04-16 15:14 - 2019-11-17 08:14 - 000000000 ____D C:\Users\Mimic\AppData\Local\User Data
2021-04-16 12:01 - 2018-12-25 12:26 - 000000000 ___DC C:\Users\Mimic\AppData\Local\CrashDumps
2021-04-14 22:54 - 2020-06-21 22:28 - 000001018 _____ C:\ProgramData\Desktop\PotPlayer 64 bit.lnk
2021-04-14 02:29 - 2018-03-29 22:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-14 02:29 - 2018-03-29 22:46 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-08 21:35 - 2020-10-27 00:06 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-08 21:35 - 2020-04-22 02:34 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-08 21:35 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-08 21:35 - 2019-01-14 23:20 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-08 21:35 - 2019-01-08 16:39 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-08 21:35 - 2019-01-08 16:39 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-08 21:35 - 2019-01-08 16:39 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-08 21:35 - 2018-12-26 02:15 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-28 10:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-23 15:16 - 2018-12-26 02:13 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-23 14:54 - 2019-10-16 19:25 - 000488808 _____ C:\WINDOWS\system32\perfh011.dat
2021-03-23 14:54 - 2019-10-16 19:25 - 000133986 _____ C:\WINDOWS\system32\perfc011.dat
2021-03-23 14:54 - 2019-10-16 19:23 - 000719846 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-23 14:54 - 2019-10-16 19:23 - 000146332 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-23 14:54 - 2019-10-16 09:54 - 002311632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-23 14:54 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-23 14:50 - 2019-10-16 09:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-23 14:49 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-23 01:56 - 2021-02-16 02:42 - 000000000 ____D C:\Users\Mimic\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2020-05-09 09:39 - 2020-05-09 09:39 - 000000000 _____ () C:\Users\Mimic\AppData\Roaming\unp201749821.tmp
2019-10-21 19:28 - 2019-10-21 19:28 - 000000033 _____ () C:\Users\Mimic\AppData\Local\Nox_crash.log
2019-10-16 07:54 - 2019-10-16 07:54 - 000000017 ____C () C:\Users\Mimic\AppData\Local\resmon.resmoncfg
2019-11-09 12:15 - 2020-01-26 13:07 - 000000071 _____ () C:\Users\Mimic\AppData\Local\update_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================