Dobrý den, prosím o kontrolu. Ntb zpomalený, někdy mi zamrzá např. Chrome. Předem moc děkuji. Petr
Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2020
Ran by Petr (administrator) on PETR-PC (Dell Inc. Inspiron N5110) (21-06-2020 14:14:09)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-10-22] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\...\Windows x64\Print Processors\Canon MG2900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCB.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2900 series: C:\Windows\system32\CNMLMCB.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171384 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149040 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AA59378-8E4D-4F6C-837A-A262F646EB2D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0AA59378-8E4D-4F6C-837A-A262F646EB2D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {0AA59378-8E4D-4F6C-837A-A262F646EB2D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {334AE7FB-C1CE-4D07-ADB3-B2C49B9E911B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3DCF888D-567E-452E-81B0-21CE6ED1A146} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {3DCF888D-567E-452E-81B0-21CE6ED1A146} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {5234B889-D5D4-4A2A-81E5-129F9F86646F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {58837616-ABB4-4DB3-9BD1-CB89FB860DCF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-14] (Microsoft Corporation -> Microsoft)
Task: {71E36E3E-C061-4E18-AACB-782294DBC7CB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A309B55-75F7-4C60-9A3F-550BCC6B2B0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {957BBFB0-9218-4AE0-91C5-4BDFFC6DC3EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7456984 2017-04-11] (Piriform Ltd -> Piriform Ltd)
Task: {9A67CED2-EF19-41E9-ACDE-28DEB4DE71B5} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228040 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A9F0E36A-1975-4626-8413-5B21FD4E5494} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1DC51DB-2A2F-4E3B-8AE5-F3B7472590E2} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759632 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC48D3B9-8EA2-49EE-AB01-729DEFFAA3C3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C56B0DDD-11C8-42C3-9F5C-E27CE5166E70} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D316999D-9CBA-49E6-98B8-3F7CF8932F83} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {EB568A6B-0CF6-4A7F-8F35-ADA97A85FEA2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F70B998E-7872-4DE5-A250-5FBE04DBCF4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{7030C5F5-979D-4C60-B08B-702443876251}: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{B069BC75-0289-4330-A53D-C2F47DA8E3C2}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058970019-565625320-836684419-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FireFox:
========
FF DefaultProfile: nSab0Dcv.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default [2020-06-21]
FF Homepage: Mozilla\Firefox\Profiles\nSab0Dcv.default -> www.google.com
FF Session Restore: Mozilla\Firefox\Profiles\nSab0Dcv.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\abs@avira.com.xpi [2020-06-02]
FF Extension: (Video Blocker) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\jid1-3OQ5HY7YsLBV7Q@jetpack.xpi [2018-03-02]
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-06-21]
CHR Notifications: Default -> hxxps://www.bombuj.eu
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-09]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-09]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208664 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573256 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383240 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [243856 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] (Intel Corporation-Mobile Wireless Group -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222168 2020-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-18] (Malwarebytes Corporation -> Malwarebytes)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [306112 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-21 14:14 - 2020-06-21 14:15 - 000024145 _____ C:\Users\Petr\Desktop\FRST.txt
2020-06-21 14:13 - 2020-06-21 14:15 - 000000000 ____D C:\FRST
2020-06-21 14:11 - 2020-06-21 14:12 - 002290176 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-06-18 09:47 - 2020-06-18 12:42 - 2886159855 _____ C:\Users\Petr\Downloads\Záhrobní Komando The Monster Squad 1080p x264 AC3 Cz dab 1987.mkv
2020-06-14 11:48 - 2020-06-14 11:48 - 000001615 _____ C:\Users\Petr\Desktop\EvoScan – zástupce.lnk
2020-06-14 11:40 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\source
2020-06-14 11:38 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\Documents\Visual Studio 2019
2020-06-14 11:25 - 2020-06-14 11:45 - 000000000 ____D C:\Users\Petr\AppData\Local\.IdentityService
2020-06-14 11:25 - 2020-06-14 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-06-14 11:23 - 2020-06-14 11:23 - 000001710 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2020-06-14 10:54 - 2020-06-14 10:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 10:51 - 2020-06-14 11:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Visual Studio Setup
2020-06-14 10:51 - 2020-06-14 10:51 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vstelemetry
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vs_installershell
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ServiceHub
2020-06-14 10:50 - 2020-06-14 10:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-06-14 10:46 - 2020-06-14 10:46 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2020-06-14 10:35 - 2020-06-14 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EvoScan Vehicle Diagnostics
2020-06-14 10:27 - 2020-06-14 10:35 - 000000000 ____D C:\Users\Petr\Documents\EvoScan v2.9
2020-06-14 10:27 - 2020-06-14 10:27 - 000000000 ____D C:\Program Files (x86)\EvoScan
2020-06-14 10:24 - 2020-06-14 10:27 - 000000000 ____D C:\Users\Petr\Carisma
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-21 12:36 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-21 12:36 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-21 12:25 - 2016-01-26 20:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-20 19:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-18 10:24 - 2016-06-28 20:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-06-17 21:09 - 2016-03-04 19:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-15 06:11 - 2009-07-14 17:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2020-06-15 06:11 - 2009-07-14 17:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2020-06-15 06:11 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-15 06:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-14 11:40 - 2016-01-26 19:45 - 000000000 ____D C:\Users\Petr
2020-06-14 11:25 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-06-14 11:22 - 2016-01-29 12:15 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-06-13 19:29 - 2016-03-19 18:03 - 000000000 ____D C:\Users\Petr\Filmy
2020-06-09 19:00 - 2020-01-30 19:54 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-06-05 17:14 - 2018-07-19 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-06-04 03:43 - 2020-04-25 09:06 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-02 16:00 - 2018-07-19 09:28 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-06-02 15:44 - 2017-03-19 08:39 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2020-05-23 21:55 - 2017-05-25 17:37 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-27 07:52 - 2020-03-27 07:52 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-26 20:24 - 2016-01-26 20:24 - 000001695 _____ () C:\Users\Petr\AppData\Local\FastClean.20160126.192416.txt
2020-04-05 16:14 - 2020-04-05 16:18 - 082469728 _____ (Sony) C:\Users\Petr\AppData\Local\pcc.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-07-22 08:25
==================== End of FRST.txt ========================
ADDITIONAL:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by Petr (21-06-2020 14:18:21)
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-01-26 17:45:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1058970019-565625320-836684419-500 - Administrator - Disabled)
Guest (S-1-5-21-1058970019-565625320-836684419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1058970019-565625320-836684419-1003 - Limited - Enabled)
Petr (S-1-5-21-1058970019-565625320-836684419-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2006.1895 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.5.26382 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.30.9723 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{6BAE2CD1-EFB3-48A0-9DC4-7720086B4B65}) (Version: 2.0.6.31130 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Call Of Duty(R) 2 (HKLM-x32\...\{DBECFA83-42DC-4585-A970-A764AB01A956}) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Dell Custom Help (HKLM\...\{E01EEE45-7768-4984-BDB2-76F5C5A823BE}) (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
EvoScan v2.9 (HKLM-x32\...\{5325FF15-C342-440F-B573-860068258620}) (Version: 2.9.0017 - EvoScan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2035.522 - Microsoft Corporation)
Mozilla Firefox 70.0 (x64 cs) (HKLM\...\Mozilla Firefox 70.0 (x64 cs)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 70.0.0.7228 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Update Engine) (Version: 2.19.2.201902081434 - Sony Mobile Communications Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Visual Studio Community 2019 (HKLM-x32\...\ea263fb2) (Version: 16.6.30204.135 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{79FC4FC1-3101-4FFF-8A11-079688A7BDEE}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony)
Xperia Companion (HKLM-x32\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-01-26 20:14 - 2010-11-06 00:50 - 000058880 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-26 20:14 - 2010-11-06 00:50 - 000006656 _____ ( (Intel Corporation) [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2016-05-25 16:39 - 2016-05-25 16:39 - 000225280 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-04-11 00:57 - 2017-04-11 00:57 - 000065536 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b04b1d1cb7f3e67a492a668b93ccf04\IsdiInterop.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9429e1568234c3e5a00543b7596551d7\IAStorCommon.ni.dll
2016-01-26 20:14 - 2010-11-06 00:46 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\385433c71c6ed684d20b623319bbc6f6\IAStorDataMgr.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000475648 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c524bada9626f129ee94ae7e50c99be1\IAStorUtil.ni.dll
2017-08-24 18:29 - 2017-08-22 00:33 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => Applications\notepad.exe
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\dell.com -> dell.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2017-05-17 01:50 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.2.255.1 - 10.2.255.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E17455E4-4880-4EB5-A391-10948061BD51}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{94582EAD-060D-4C43-A030-23C0C1E9D1DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{335653A3-5B2E-41F8-A63A-6CCFF72DC6BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5F3D1F62-35D0-4844-979C-F950082670D0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{4018C8FE-3A59-4F7B-B0C8-E566B16877C0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{4DF6EEAB-6B14-4477-8BD2-043AB0124DBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88C2FA86-9E83-441B-99EE-43FF4CC5CF11}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F62CF0A-2C8F-4471-9440-3DA573F79D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{1C352FBA-BD15-45EC-A02C-98EB7710155E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{91C316C3-6F3F-4B9C-B27A-CB052E806A43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{886DB9F3-532E-4D9C-AF0E-E04E4BEEBA69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AC1998F-FE31-4434-8EF9-F4B8968FD695}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89D96AE5-2F04-4560-B869-E530B98C048B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{38C88D66-DCA5-48B5-A8E5-5CC674B68065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF9DE4C5-6C6A-4E52-81E9-CC387DD5DB8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7CB7B5DB-6D04-45C9-ABB1-75E9F6306E3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBAAEA0F-02D6-4018-836E-5B826F856645}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3272CD5D-BE0F-4A00-974F-4704B9D97E75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1076C8FC-9184-4485-8E58-8C36BAD7704B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97E5FA16-5870-4A2C-B060-3F66D588C310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3ADCDBA3-DA4A-4C79-A9DC-CD7316B0466B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ECAD6D2F-4B22-443C-9A8A-C7230B9B609E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{922A5D73-74CD-4703-9267-01FDA7BBBD37}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [UDP Query User{19F83985-3364-4FF0-9C60-41AD68564D05}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{46AB534A-25BC-4E81-9688-CB4292F5CAD9}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{BBE8405C-079B-4D7D-8146-BF2650DF02BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A9D50C77-DBA0-44F0-BF3B-603B79E22246}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{A0AFFC1B-B70B-4EFE-8D41-5E880F5E4ABB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{39EACC89-A837-4292-B8CA-5CADE7C6905A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
28-04-2020 16:49:24 Removed Samsung Kies
28-04-2020 16:53:40 Odstraněno Smart Switch
14-06-2020 10:25:47 Installed EvoScan v2.9
14-06-2020 10:31:57 Removed EvoScan v2.9
14-06-2020 10:35:20 Installed EvoScan v2.9
14-06-2020 10:53:51 Instaluje se Visual Studio Community 2019.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 01:05:04 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\VSWebLauncher.exe because of the following error: The module was expected to contain an assembly manifest. (Exception from HRESULT: 0x80131018).
Error: (06/14/2020 10:32:41 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Petr-PC)
Description: Aplikaci nebo službu EvoScan nelze ukončit.
Error: (04/27/2020 05:27:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x17dc
Čas spuštění chybující aplikace: 0x01d61ca85274813e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 95f1d754-889b-11ea-8f25-4c80939450a1
Error: (04/26/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1ad8
Čas spuštění chybující aplikace: 0x01d61bdf27aea90e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 69e9b66c-87d2-11ea-8769-4c80939450a1
Error: (04/25/2020 04:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1da0
Čas spuštění chybující aplikace: 0x01d61b0d9bca78bc
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: e0a80039-8700-11ea-86a1-4c80939450a1
Error: (04/24/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1518
Čas spuštění chybující aplikace: 0x01d61a3c0fbf6855
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 507b17ef-862f-11ea-86a1-4c80939450a1
Error: (04/23/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1994
Čas spuštění chybující aplikace: 0x01d61972e54da1c1
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 2676d0a8-8566-11ea-8a56-4c80939450a1
Error: (04/22/2020 03:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x03ac8628
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0x01d618a9bacf26ab
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fb5d9c20-849c-11ea-9ab8-4c80939450a1
System errors:
=============
Error: (06/21/2020 11:51:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/21/2020 11:51:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/21/2020 06:37:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/20/2020 11:24:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/20/2020 11:24:50 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/20/2020 07:44:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/20/2020 11:14:54 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/20/2020 11:14:54 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
CodeIntegrity:
===================================
Date: 2017-05-17 01:49:54.242
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-17 01:49:54.195
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.807
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.756
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.585
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.538
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A11 08/03/2012
Motherboard: Dell Inc. 0FXK2Y
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 67%
Total physical RAM: 4002.05 MB
Available physical RAM: 1294.36 MB
Total Virtual: 8002.28 MB
Available Virtual: 4619.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:33.64 GB) NTFS
\\?\Volume{8df24a6a-c453-11e5-b997-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F7A9CC4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalený notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
chalupavdf
- Návštěvník
- Příspěvky: 33
- Registrován: 02 led 2016 22:29
Re: Zpomalený notebook
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-21-2020
# Duration: 00:00:12
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Driver Identifier
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
Deleted C:\Users\Petr\AppData\Roaming\driveridentifier
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Classes\driveruploader
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1717 octets] - [21/06/2020 23:22:37]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-21-2020
# Duration: 00:00:12
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Driver Identifier
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
Deleted C:\Users\Petr\AppData\Roaming\driveridentifier
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Classes\driveruploader
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1717 octets] - [21/06/2020 23:22:37]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
chalupavdf
- Návštěvník
- Příspěvky: 33
- Registrován: 02 led 2016 22:29
Re: Zpomalený notebook
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2020
Ran by Petr (administrator) on PETR-PC (Dell Inc. Inspiron N5110) (22-06-2020 15:52:50)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-10-22] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\...\Windows x64\Print Processors\Canon MG2900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCB.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2900 series: C:\Windows\system32\CNMLMCB.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171384 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149040 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {334AE7FB-C1CE-4D07-ADB3-B2C49B9E911B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {357D1E0D-930A-4535-81B5-AF777590D7DC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {357D1E0D-930A-4535-81B5-AF777590D7DC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {5234B889-D5D4-4A2A-81E5-129F9F86646F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {58837616-ABB4-4DB3-9BD1-CB89FB860DCF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-14] (Microsoft Corporation -> Microsoft)
Task: {71E36E3E-C061-4E18-AACB-782294DBC7CB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A309B55-75F7-4C60-9A3F-550BCC6B2B0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {957BBFB0-9218-4AE0-91C5-4BDFFC6DC3EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7456984 2017-04-11] (Piriform Ltd -> Piriform Ltd)
Task: {9A67CED2-EF19-41E9-ACDE-28DEB4DE71B5} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228040 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A9F0E36A-1975-4626-8413-5B21FD4E5494} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1DC51DB-2A2F-4E3B-8AE5-F3B7472590E2} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759632 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC48D3B9-8EA2-49EE-AB01-729DEFFAA3C3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C56B0DDD-11C8-42C3-9F5C-E27CE5166E70} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D316999D-9CBA-49E6-98B8-3F7CF8932F83} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {EB568A6B-0CF6-4A7F-8F35-ADA97A85FEA2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F70B998E-7872-4DE5-A250-5FBE04DBCF4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{7030C5F5-979D-4C60-B08B-702443876251}: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{B069BC75-0289-4330-A53D-C2F47DA8E3C2}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058970019-565625320-836684419-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FireFox:
========
FF DefaultProfile: nSab0Dcv.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default [2020-06-22]
FF Homepage: Mozilla\Firefox\Profiles\nSab0Dcv.default -> www.google.com
FF Session Restore: Mozilla\Firefox\Profiles\nSab0Dcv.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\abs@avira.com.xpi [2020-06-02]
FF Extension: (Video Blocker) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\jid1-3OQ5HY7YsLBV7Q@jetpack.xpi [2018-03-02]
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-06-22]
CHR Notifications: Default -> hxxps://www.bombuj.eu
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-09]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-09]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208664 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573256 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383240 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [243856 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] (Intel Corporation-Mobile Wireless Group -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222168 2020-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-18] (Malwarebytes Corporation -> Malwarebytes)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [306112 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-22 15:52 - 2020-06-22 15:54 - 000024141 _____ C:\Users\Petr\Desktop\FRST.txt
2020-06-21 23:19 - 2020-06-21 23:19 - 008402608 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_8.0.5.exe
2020-06-21 14:13 - 2020-06-22 15:53 - 000000000 ____D C:\FRST
2020-06-21 14:11 - 2020-06-21 14:12 - 002290176 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-06-18 09:47 - 2020-06-18 12:42 - 2886159855 _____ C:\Users\Petr\Downloads\Záhrobní Komando The Monster Squad 1080p x264 AC3 Cz dab 1987.mkv
2020-06-14 11:48 - 2020-06-14 11:48 - 000001615 _____ C:\Users\Petr\Desktop\EvoScan – zástupce.lnk
2020-06-14 11:40 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\source
2020-06-14 11:38 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\Documents\Visual Studio 2019
2020-06-14 11:25 - 2020-06-14 11:45 - 000000000 ____D C:\Users\Petr\AppData\Local\.IdentityService
2020-06-14 11:25 - 2020-06-14 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-06-14 11:23 - 2020-06-14 11:23 - 000001710 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2020-06-14 10:54 - 2020-06-14 10:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 10:51 - 2020-06-14 11:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Visual Studio Setup
2020-06-14 10:51 - 2020-06-14 10:51 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vstelemetry
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vs_installershell
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ServiceHub
2020-06-14 10:50 - 2020-06-14 10:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-06-14 10:46 - 2020-06-14 10:46 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2020-06-14 10:35 - 2020-06-14 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EvoScan Vehicle Diagnostics
2020-06-14 10:27 - 2020-06-14 10:35 - 000000000 ____D C:\Users\Petr\Documents\EvoScan v2.9
2020-06-14 10:27 - 2020-06-14 10:27 - 000000000 ____D C:\Program Files (x86)\EvoScan
2020-06-14 10:24 - 2020-06-14 10:27 - 000000000 ____D C:\Users\Petr\Carisma
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-22 15:23 - 2016-01-26 20:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-22 15:19 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-22 15:19 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-22 15:12 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-21 23:32 - 2009-07-14 17:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2020-06-21 23:32 - 2009-07-14 17:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2020-06-21 23:32 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-21 23:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-21 23:22 - 2017-09-26 18:41 - 000000000 ____D C:\AdwCleaner
2020-06-18 10:24 - 2016-06-28 20:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-06-17 21:09 - 2016-03-04 19:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-14 11:40 - 2016-01-26 19:45 - 000000000 ____D C:\Users\Petr
2020-06-14 11:25 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-06-14 11:22 - 2016-01-29 12:15 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-06-13 19:29 - 2016-03-19 18:03 - 000000000 ____D C:\Users\Petr\Filmy
2020-06-09 19:00 - 2020-01-30 19:54 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-06-05 17:14 - 2018-07-19 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-06-04 03:43 - 2020-04-25 09:06 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-02 16:00 - 2018-07-19 09:28 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-06-02 15:44 - 2017-03-19 08:39 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2020-05-23 21:55 - 2017-05-25 17:37 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-27 07:52 - 2020-03-27 07:52 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-26 20:24 - 2016-01-26 20:24 - 000001695 _____ () C:\Users\Petr\AppData\Local\FastClean.20160126.192416.txt
2020-04-05 16:14 - 2020-04-05 16:18 - 082469728 _____ (Sony) C:\Users\Petr\AppData\Local\pcc.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-07-22 08:25
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by Petr (22-06-2020 15:55:26)
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-01-26 17:45:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1058970019-565625320-836684419-500 - Administrator - Disabled)
Guest (S-1-5-21-1058970019-565625320-836684419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1058970019-565625320-836684419-1003 - Limited - Enabled)
Petr (S-1-5-21-1058970019-565625320-836684419-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2006.1895 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.5.26382 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.30.9723 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{6BAE2CD1-EFB3-48A0-9DC4-7720086B4B65}) (Version: 2.0.6.31130 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Call Of Duty(R) 2 (HKLM-x32\...\{DBECFA83-42DC-4585-A970-A764AB01A956}) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Dell Custom Help (HKLM\...\{E01EEE45-7768-4984-BDB2-76F5C5A823BE}) (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
EvoScan v2.9 (HKLM-x32\...\{5325FF15-C342-440F-B573-860068258620}) (Version: 2.9.0017 - EvoScan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2035.522 - Microsoft Corporation)
Mozilla Firefox 70.0 (x64 cs) (HKLM\...\Mozilla Firefox 70.0 (x64 cs)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 70.0.0.7228 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Update Engine) (Version: 2.19.2.201902081434 - Sony Mobile Communications Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Visual Studio Community 2019 (HKLM-x32\...\ea263fb2) (Version: 16.6.30204.135 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{79FC4FC1-3101-4FFF-8A11-079688A7BDEE}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony)
Xperia Companion (HKLM-x32\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-01-26 20:14 - 2010-11-06 00:50 - 000058880 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-26 20:14 - 2010-11-06 00:50 - 000006656 _____ ( (Intel Corporation) [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2016-05-25 16:39 - 2016-05-25 16:39 - 000225280 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-04-11 00:57 - 2017-04-11 00:57 - 000065536 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b04b1d1cb7f3e67a492a668b93ccf04\IsdiInterop.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9429e1568234c3e5a00543b7596551d7\IAStorCommon.ni.dll
2016-01-26 20:14 - 2010-11-06 00:46 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\385433c71c6ed684d20b623319bbc6f6\IAStorDataMgr.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000475648 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c524bada9626f129ee94ae7e50c99be1\IAStorUtil.ni.dll
2017-08-24 18:29 - 2017-08-22 00:33 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => Applications\notepad.exe
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\dell.com -> dell.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2017-05-17 01:50 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.2.255.1 - 10.2.255.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E17455E4-4880-4EB5-A391-10948061BD51}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{94582EAD-060D-4C43-A030-23C0C1E9D1DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{335653A3-5B2E-41F8-A63A-6CCFF72DC6BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5F3D1F62-35D0-4844-979C-F950082670D0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{4018C8FE-3A59-4F7B-B0C8-E566B16877C0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{4DF6EEAB-6B14-4477-8BD2-043AB0124DBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88C2FA86-9E83-441B-99EE-43FF4CC5CF11}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F62CF0A-2C8F-4471-9440-3DA573F79D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{1C352FBA-BD15-45EC-A02C-98EB7710155E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{91C316C3-6F3F-4B9C-B27A-CB052E806A43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{886DB9F3-532E-4D9C-AF0E-E04E4BEEBA69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AC1998F-FE31-4434-8EF9-F4B8968FD695}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89D96AE5-2F04-4560-B869-E530B98C048B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{38C88D66-DCA5-48B5-A8E5-5CC674B68065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF9DE4C5-6C6A-4E52-81E9-CC387DD5DB8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7CB7B5DB-6D04-45C9-ABB1-75E9F6306E3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBAAEA0F-02D6-4018-836E-5B826F856645}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3272CD5D-BE0F-4A00-974F-4704B9D97E75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1076C8FC-9184-4485-8E58-8C36BAD7704B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97E5FA16-5870-4A2C-B060-3F66D588C310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3ADCDBA3-DA4A-4C79-A9DC-CD7316B0466B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ECAD6D2F-4B22-443C-9A8A-C7230B9B609E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{922A5D73-74CD-4703-9267-01FDA7BBBD37}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [UDP Query User{19F83985-3364-4FF0-9C60-41AD68564D05}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{46AB534A-25BC-4E81-9688-CB4292F5CAD9}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{BBE8405C-079B-4D7D-8146-BF2650DF02BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6A9E9A62-4746-4915-86D3-5DB925D5A7E5}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{5F26A314-5143-487A-A5B3-B00D6F002492}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{EB9F5EF1-29EB-4847-89AD-EF8CD0C5BD66}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
28-04-2020 16:49:24 Removed Samsung Kies
28-04-2020 16:53:40 Odstraněno Smart Switch
14-06-2020 10:25:47 Installed EvoScan v2.9
14-06-2020 10:31:57 Removed EvoScan v2.9
14-06-2020 10:35:20 Installed EvoScan v2.9
14-06-2020 10:53:51 Instaluje se Visual Studio Community 2019.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 01:05:04 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\VSWebLauncher.exe because of the following error: The module was expected to contain an assembly manifest. (Exception from HRESULT: 0x80131018).
Error: (06/14/2020 10:32:41 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Petr-PC)
Description: Aplikaci nebo službu EvoScan nelze ukončit.
Error: (04/27/2020 05:27:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x17dc
Čas spuštění chybující aplikace: 0x01d61ca85274813e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 95f1d754-889b-11ea-8f25-4c80939450a1
Error: (04/26/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1ad8
Čas spuštění chybující aplikace: 0x01d61bdf27aea90e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 69e9b66c-87d2-11ea-8769-4c80939450a1
Error: (04/25/2020 04:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1da0
Čas spuštění chybující aplikace: 0x01d61b0d9bca78bc
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: e0a80039-8700-11ea-86a1-4c80939450a1
Error: (04/24/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1518
Čas spuštění chybující aplikace: 0x01d61a3c0fbf6855
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 507b17ef-862f-11ea-86a1-4c80939450a1
Error: (04/23/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1994
Čas spuštění chybující aplikace: 0x01d61972e54da1c1
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 2676d0a8-8566-11ea-8a56-4c80939450a1
Error: (04/22/2020 03:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x03ac8628
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0x01d618a9bacf26ab
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fb5d9c20-849c-11ea-9ab8-4c80939450a1
System errors:
=============
Error: (06/22/2020 03:12:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:31:53, 22.6.2020) bylo neočekávané.
Error: (06/22/2020 12:11:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/22/2020 12:11:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:23:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2017-05-17 01:49:54.242
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-17 01:49:54.195
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.807
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.756
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.585
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.538
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A11 08/03/2012
Motherboard: Dell Inc. 0FXK2Y
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 4002.05 MB
Available physical RAM: 1071.95 MB
Total Virtual: 8002.28 MB
Available Virtual: 4700.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:35.24 GB) NTFS
\\?\Volume{8df24a6a-c453-11e5-b997-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F7A9CC4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by Petr (administrator) on PETR-PC (Dell Inc. Inspiron N5110) (22-06-2020 15:52:50)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-10-22] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\...\Windows x64\Print Processors\Canon MG2900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCB.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2900 series: C:\Windows\system32\CNMLMCB.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171384 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149040 2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {0FA1FE59-2A0B-4870-87DA-EE8C679B38DE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {334AE7FB-C1CE-4D07-ADB3-B2C49B9E911B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {357D1E0D-930A-4535-81B5-AF777590D7DC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {357D1E0D-930A-4535-81B5-AF777590D7DC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4562A2DA-D242-4F10-A52D-66461AFAFD19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {5234B889-D5D4-4A2A-81E5-129F9F86646F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {58837616-ABB4-4DB3-9BD1-CB89FB860DCF} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65440 2020-06-14] (Microsoft Corporation -> Microsoft)
Task: {71E36E3E-C061-4E18-AACB-782294DBC7CB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A309B55-75F7-4C60-9A3F-550BCC6B2B0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {957BBFB0-9218-4AE0-91C5-4BDFFC6DC3EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7456984 2017-04-11] (Piriform Ltd -> Piriform Ltd)
Task: {9A67CED2-EF19-41E9-ACDE-28DEB4DE71B5} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228040 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A9F0E36A-1975-4626-8413-5B21FD4E5494} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1DC51DB-2A2F-4E3B-8AE5-F3B7472590E2} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759632 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BC48D3B9-8EA2-49EE-AB01-729DEFFAA3C3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C56B0DDD-11C8-42C3-9F5C-E27CE5166E70} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D316999D-9CBA-49E6-98B8-3F7CF8932F83} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {EA8FDEB2-0D2A-4190-A15F-6427DAB4BF36} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Windows -> Microsoft Corporation)
Task: {EB568A6B-0CF6-4A7F-8F35-ADA97A85FEA2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F70B998E-7872-4DE5-A250-5FBE04DBCF4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{7030C5F5-979D-4C60-B08B-702443876251}: [DhcpNameServer] 10.2.255.1 10.2.255.2
Tcpip\..\Interfaces\{B069BC75-0289-4330-A53D-C2F47DA8E3C2}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058970019-565625320-836684419-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FireFox:
========
FF DefaultProfile: nSab0Dcv.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default [2020-06-22]
FF Homepage: Mozilla\Firefox\Profiles\nSab0Dcv.default -> www.google.com
FF Session Restore: Mozilla\Firefox\Profiles\nSab0Dcv.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\abs@avira.com.xpi [2020-06-02]
FF Extension: (Video Blocker) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\jid1-3OQ5HY7YsLBV7Q@jetpack.xpi [2018-03-02]
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\nSab0Dcv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2020-06-22]
CHR Notifications: Default -> hxxps://www.bombuj.eu
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-09]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-09]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208664 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573256 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383240 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [243856 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] (Intel Corporation-Mobile Wireless Group -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [163808 2013-02-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222168 2020-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-06-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-01-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-18] (Malwarebytes Corporation -> Malwarebytes)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [306112 2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-08] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42600 2015-10-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-22 15:52 - 2020-06-22 15:54 - 000024141 _____ C:\Users\Petr\Desktop\FRST.txt
2020-06-21 23:19 - 2020-06-21 23:19 - 008402608 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_8.0.5.exe
2020-06-21 14:13 - 2020-06-22 15:53 - 000000000 ____D C:\FRST
2020-06-21 14:11 - 2020-06-21 14:12 - 002290176 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2020-06-18 09:47 - 2020-06-18 12:42 - 2886159855 _____ C:\Users\Petr\Downloads\Záhrobní Komando The Monster Squad 1080p x264 AC3 Cz dab 1987.mkv
2020-06-14 11:48 - 2020-06-14 11:48 - 000001615 _____ C:\Users\Petr\Desktop\EvoScan – zástupce.lnk
2020-06-14 11:40 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\source
2020-06-14 11:38 - 2020-06-14 11:40 - 000000000 ____D C:\Users\Petr\Documents\Visual Studio 2019
2020-06-14 11:25 - 2020-06-14 11:45 - 000000000 ____D C:\Users\Petr\AppData\Local\.IdentityService
2020-06-14 11:25 - 2020-06-14 11:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019
2020-06-14 11:23 - 2020-06-14 11:23 - 000001710 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk
2020-06-14 10:54 - 2020-06-14 10:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 10:51 - 2020-06-14 11:29 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Visual Studio Setup
2020-06-14 10:51 - 2020-06-14 10:51 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vstelemetry
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vs_installershell
2020-06-14 10:51 - 2020-06-14 10:51 - 000000000 ____D C:\Users\Petr\AppData\Local\ServiceHub
2020-06-14 10:50 - 2020-06-14 10:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-06-14 10:46 - 2020-06-14 10:46 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
2020-06-14 10:35 - 2020-06-14 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EvoScan Vehicle Diagnostics
2020-06-14 10:27 - 2020-06-14 10:35 - 000000000 ____D C:\Users\Petr\Documents\EvoScan v2.9
2020-06-14 10:27 - 2020-06-14 10:27 - 000000000 ____D C:\Program Files (x86)\EvoScan
2020-06-14 10:24 - 2020-06-14 10:27 - 000000000 ____D C:\Users\Petr\Carisma
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-22 15:23 - 2016-01-26 20:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-22 15:19 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-22 15:19 - 2009-07-14 06:45 - 000015328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-22 15:12 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-21 23:32 - 2009-07-14 17:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2020-06-21 23:32 - 2009-07-14 17:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2020-06-21 23:32 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-21 23:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-06-21 23:22 - 2017-09-26 18:41 - 000000000 ____D C:\AdwCleaner
2020-06-18 10:24 - 2016-06-28 20:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2020-06-17 21:09 - 2016-03-04 19:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 21:09 - 2016-03-04 19:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-14 11:40 - 2016-01-26 19:45 - 000000000 ____D C:\Users\Petr
2020-06-14 11:25 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-06-14 11:22 - 2016-01-29 12:15 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-06-13 19:29 - 2016-03-19 18:03 - 000000000 ____D C:\Users\Petr\Filmy
2020-06-09 19:00 - 2020-01-30 19:54 - 000003454 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2020-06-05 17:14 - 2018-07-19 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-06-04 03:43 - 2020-04-25 09:06 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-02 16:00 - 2018-07-19 09:28 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-06-02 15:44 - 2017-03-19 08:39 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2020-05-23 21:55 - 2017-05-25 17:37 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-27 07:52 - 2020-03-27 07:52 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-26 20:24 - 2016-01-26 20:24 - 000001695 _____ () C:\Users\Petr\AppData\Local\FastClean.20160126.192416.txt
2020-04-05 16:14 - 2020-04-05 16:18 - 082469728 _____ (Sony) C:\Users\Petr\AppData\Local\pcc.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-07-22 08:25
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by Petr (22-06-2020 15:55:26)
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-01-26 17:45:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1058970019-565625320-836684419-500 - Administrator - Disabled)
Guest (S-1-5-21-1058970019-565625320-836684419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1058970019-565625320-836684419-1003 - Limited - Enabled)
Petr (S-1-5-21-1058970019-565625320-836684419-1000 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2006.1895 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.5.26382 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.30.9723 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{6BAE2CD1-EFB3-48A0-9DC4-7720086B4B65}) (Version: 2.0.6.31130 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Balíček ovladače systému Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
Call Of Duty(R) 2 (HKLM-x32\...\{DBECFA83-42DC-4585-A970-A764AB01A956}) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Dell Custom Help (HKLM\...\{E01EEE45-7768-4984-BDB2-76F5C5A823BE}) (Version: 15.06.1000.0142 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
EvoScan v2.9 (HKLM-x32\...\{5325FF15-C342-440F-B573-860068258620}) (Version: 2.9.0017 - EvoScan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2035.522 - Microsoft Corporation)
Mozilla Firefox 70.0 (x64 cs) (HKLM\...\Mozilla Firefox 70.0 (x64 cs)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 70.0.0.7228 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Update Engine) (Version: 2.19.2.201902081434 - Sony Mobile Communications Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Visual Studio Community 2019 (HKLM-x32\...\ea263fb2) (Version: 16.6.30204.135 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DA2B1838-3B2E-4220-8B2E-796F4624D463}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{79FC4FC1-3101-4FFF-8A11-079688A7BDEE}) (Version: 16.6.30014 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony)
Xperia Companion (HKLM-x32\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-01-26 20:14 - 2010-11-06 00:50 - 000058880 _____ ( () [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-01-26 20:14 - 2010-11-06 00:50 - 000006656 _____ ( (Intel Corporation) [File not signed]) [File is in use ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2016-05-25 16:39 - 2016-05-25 16:39 - 000225280 _____ ( (Microsoft Corporation) [File not signed]) [File is in use ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-04-11 00:57 - 2017-04-11 00:57 - 000065536 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b04b1d1cb7f3e67a492a668b93ccf04\IsdiInterop.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9429e1568234c3e5a00543b7596551d7\IAStorCommon.ni.dll
2016-01-26 20:14 - 2010-11-06 00:46 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\385433c71c6ed684d20b623319bbc6f6\IAStorDataMgr.ni.dll
2017-09-14 06:04 - 2017-09-14 06:04 - 000475648 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c524bada9626f129ee94ae7e50c99be1\IAStorUtil.ni.dll
2017-08-24 18:29 - 2017-08-22 00:33 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => Applications\notepad.exe
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\dell.com -> dell.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2017-05-17 01:50 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1058970019-565625320-836684419-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.2.255.1 - 10.2.255.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E17455E4-4880-4EB5-A391-10948061BD51}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{94582EAD-060D-4C43-A030-23C0C1E9D1DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{335653A3-5B2E-41F8-A63A-6CCFF72DC6BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5F3D1F62-35D0-4844-979C-F950082670D0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{4018C8FE-3A59-4F7B-B0C8-E566B16877C0}C:\program files (x86)\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{4DF6EEAB-6B14-4477-8BD2-043AB0124DBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{88C2FA86-9E83-441B-99EE-43FF4CC5CF11}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1F62CF0A-2C8F-4471-9440-3DA573F79D1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{1C352FBA-BD15-45EC-A02C-98EB7710155E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{91C316C3-6F3F-4B9C-B27A-CB052E806A43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{886DB9F3-532E-4D9C-AF0E-E04E4BEEBA69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AC1998F-FE31-4434-8EF9-F4B8968FD695}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89D96AE5-2F04-4560-B869-E530B98C048B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{38C88D66-DCA5-48B5-A8E5-5CC674B68065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF9DE4C5-6C6A-4E52-81E9-CC387DD5DB8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7CB7B5DB-6D04-45C9-ABB1-75E9F6306E3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBAAEA0F-02D6-4018-836E-5B826F856645}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3272CD5D-BE0F-4A00-974F-4704B9D97E75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1076C8FC-9184-4485-8E58-8C36BAD7704B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97E5FA16-5870-4A2C-B060-3F66D588C310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3ADCDBA3-DA4A-4C79-A9DC-CD7316B0466B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ECAD6D2F-4B22-443C-9A8A-C7230B9B609E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{922A5D73-74CD-4703-9267-01FDA7BBBD37}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [UDP Query User{19F83985-3364-4FF0-9C60-41AD68564D05}C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe] => (Allow) C:\programdata\sony mobile\update engine\{37543791-4d38-4944-a3be-73c943856fdf}\sony mobile update engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{46AB534A-25BC-4E81-9688-CB4292F5CAD9}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{BBE8405C-079B-4D7D-8146-BF2650DF02BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6A9E9A62-4746-4915-86D3-5DB925D5A7E5}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{5F26A314-5143-487A-A5B3-B00D6F002492}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{EB9F5EF1-29EB-4847-89AD-EF8CD0C5BD66}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
28-04-2020 16:49:24 Removed Samsung Kies
28-04-2020 16:53:40 Odstraněno Smart Switch
14-06-2020 10:25:47 Installed EvoScan v2.9
14-06-2020 10:31:57 Removed EvoScan v2.9
14-06-2020 10:35:20 Installed EvoScan v2.9
14-06-2020 10:53:51 Instaluje se Visual Studio Community 2019.
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/14/2020 01:05:04 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\VSWebLauncher.exe because of the following error: The module was expected to contain an assembly manifest. (Exception from HRESULT: 0x80131018).
Error: (06/14/2020 10:32:41 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Petr-PC)
Description: Aplikaci nebo službu EvoScan nelze ukončit.
Error: (04/27/2020 05:27:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x17dc
Čas spuštění chybující aplikace: 0x01d61ca85274813e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 95f1d754-889b-11ea-8f25-4c80939450a1
Error: (04/26/2020 05:27:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1ad8
Čas spuštění chybující aplikace: 0x01d61bdf27aea90e
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 69e9b66c-87d2-11ea-8769-4c80939450a1
Error: (04/25/2020 04:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1da0
Čas spuštění chybující aplikace: 0x01d61b0d9bca78bc
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: e0a80039-8700-11ea-86a1-4c80939450a1
Error: (04/24/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1518
Čas spuštění chybující aplikace: 0x01d61a3c0fbf6855
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 507b17ef-862f-11ea-86a1-4c80939450a1
Error: (04/23/2020 03:27:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: clr.dll, verze: 4.6.1590.0, časové razítko: 0x5787ee4f
Kód výjimky: 0xc0000409
Posun chyby: 0x002fcc3f
ID chybujícího procesu: 0x1994
Čas spuštění chybující aplikace: 0x01d61972e54da1c1
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 2676d0a8-8566-11ea-8a56-4c80939450a1
Error: (04/22/2020 03:27:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.4.1.10871, časové razítko: 0x5e32ea26
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x03ac8628
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0x01d618a9bacf26ab
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fb5d9c20-849c-11ea-9ab8-4c80939450a1
System errors:
=============
Error: (06/22/2020 03:12:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:31:53, 22.6.2020) bylo neočekávané.
Error: (06/22/2020 12:11:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/22/2020 12:11:03 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:24:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (06/21/2020 11:23:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2017-05-17 01:49:54.242
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-17 01:49:54.195
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.807
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.756
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Petr\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.585
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-30 14:28:01.538
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-01-29 03:52:15.046
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. A11 08/03/2012
Motherboard: Dell Inc. 0FXK2Y
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 4002.05 MB
Available physical RAM: 1071.95 MB
Total Virtual: 8002.28 MB
Available Virtual: 4700.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:35.24 GB) NTFS
\\?\Volume{8df24a6a-c453-11e5-b997-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F7A9CC4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
chalupavdf
- Návštěvník
- Příspěvky: 33
- Registrován: 02 led 2016 22:29
Re: Zpomalený notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by Petr (22-06-2020 17:13:16) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10BA1B50-159A-4A75-B0D3-F182097494F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10BA1B50-159A-4A75-B0D3-F182097494F6}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{576E0E56-4675-4098-BD33-9D9ACC831405}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{576E0E56-4675-4098-BD33-9D9ACC831405}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
C:\ProgramData\TEMP => ":15B79D44" ADS removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6611900 B
Java, Flash, Steam htmlcache => 288514151 B
Windows/system/drivers => 2682225 B
Edge => 0 B
Chrome => 104387859 B
Firefox => 95947416 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 33058 B
ProgramData => 33058 B
systemprofile => 66116 B
systemprofile32 => 99302 B
LocalService => 132427 B
NetworkService => 165552 B
Petr => 81038159 B
UpdatusUser => 81038159 B
RecycleBin => 0 B
EmptyTemp: => 638.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:14:49 ====
Ran by Petr (22-06-2020 17:13:16) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1058970019-565625320-836684419-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
Task: {10BA1B50-159A-4A75-B0D3-F182097494F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {576E0E56-4675-4098-BD33-9D9ACC831405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [133]
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-1058970019-565625320-836684419-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10BA1B50-159A-4A75-B0D3-F182097494F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10BA1B50-159A-4A75-B0D3-F182097494F6}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{576E0E56-4675-4098-BD33-9D9ACC831405}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{576E0E56-4675-4098-BD33-9D9ACC831405}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
C:\ProgramData\TEMP => ":15B79D44" ADS removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6611900 B
Java, Flash, Steam htmlcache => 288514151 B
Windows/system/drivers => 2682225 B
Edge => 0 B
Chrome => 104387859 B
Firefox => 95947416 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 33058 B
ProgramData => 33058 B
systemprofile => 66116 B
systemprofile32 => 99302 B
LocalService => 132427 B
NetworkService => 165552 B
Petr => 81038159 B
UpdatusUser => 81038159 B
RecycleBin => 0 B
EmptyTemp: => 638.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:14:49 ====
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
chalupavdf
- Návštěvník
- Příspěvky: 33
- Registrován: 02 led 2016 22:29
Re: Zpomalený notebook
Ano, NTB je podstatně rychlejší, nová okna v chromu se načítají daleko rychleji. 
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Tak to jsem rád.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
chalupavdf
- Návštěvník
- Příspěvky: 33
- Registrován: 02 led 2016 22:29
Re: Zpomalený notebook
To i já. Mockrát děkuji a přeji Příjemný zbytek dne. 
S pozdravem Petr.
S pozdravem Petr.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalený notebook
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?