Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalení notebooaku při staru

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Zpomalení notebooaku při staru

#1 Příspěvek od Bucek »

Dobrý den
Prosím o kontrolu logu. stává se mi často že se mi notebooak strašně pomalu spouští. Trvá to minuty. Jindy naběhne v celku normálně. Nevím co by to mohlo způsobovat.
Děkuji předem Bucek

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Karel (24-04-2021 12:43:36)
Running from C:\Users\Karel\Downloads
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-12-15 17:13:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2206319702-2973068575-2851948494-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2206319702-2973068575-2851948494-503 - Limited - Disabled)
Guest (S-1-5-21-2206319702-2973068575-2851948494-501 - Limited - Disabled)
Karel (S-1-5-21-2206319702-2973068575-2851948494-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-2206319702-2973068575-2851948494-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{4aba1eab-3222-4eec-b751-fcc490bf0327}) (Version: 7.5.3430.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.5.3430.0 - Adguard Software Ltd) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Battlefield 4 (HKLM-x32\...\Battlefield 4_is1) (Version: - )
Drive Recorder Player (HKLM-x32\...\{CF01A21A-3EC1-43BE-BD99-4BC36A44BDDA}) (Version: 2.5.3 - Drive Recorder Player)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.85 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
i-Look 317 (HKLM-x32\...\{D8B883E4-DF64-4A91-B785-08FC9B78923D}) (Version: 1.0.0.14 - KYE)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.46 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Remote Mouse version 3.015 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.015 - Remote Mouse)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
V380.1.2.4.767 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.2.4.767 - M@cro-video Technologies Co.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Wargaming.net Game Center) (Version: 21.2.0.4803 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks Common Test (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.CT.PRODUCTION) (Version: - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks Sandbox (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.SB.PRODUCTION) (Version: - Wargaming.net)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Studios) [MS Ad]
Remote Mouse -> C:\Program Files\WindowsApps\47900RemoteMouseTeam.486280E3D6CF9_3.0.0.0_x86__8nfdqpawkhd26 [2020-08-25] (Remote Mouse Team)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0 [2021-04-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-29 16:25 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-10-13 19:55 - 2019-04-19 17:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://live.retetv.cz/watch-tv
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\Downloads\IMG_1766.JPG
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{A0B9A70F-9615-4AE1-814E-8F489D0F2C65}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12124292-B3A4-450F-A424-682DE2452ED0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15F5F6C1-6113-4AB2-ABBA-9C85EABD0D33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACFBA099-67B5-49D3-B907-E5B6C70968DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D229B291-7E3C-4F95-82E1-51C7301C983F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FEF2751-CAD5-4476-9F60-E2F6B5BD896C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2A62F4A-8A51-4BA0-B047-287140E12A68}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE6C11D4-627B-46CF-97C8-96F34951F4C2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABBA4A50-91BE-435D-9AC8-A765B0936DFD}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{FB0728A7-29A3-4B96-A15F-D17E7E841FC5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{33011A7C-459E-46CD-A9EA-5A98CCCAE21D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{58A0A0FB-D502-4D9B-BCDB-16A1D5651D35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{B535A512-5488-4FA7-AD48-88B92AF8098C}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{D709A6DA-F6E4-4E6F-B099-35ACEF4B8BA8}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [UDP Query User{7654EB22-F107-4781-B96C-A9876C81E877}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [TCP Query User{093C971C-DC17-4087-954E-2262BFF5AF95}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{47FE237B-CA7F-4A56-82BD-644608D54948}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [TCP Query User{3356BF5C-16F0-46D6-BFB6-FFD19D5B01AB}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D4B73EDD-A583-47D2-9423-F9A8D70C015D}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{0BA12D52-809F-4ABF-AA4B-171AEF94C2F1}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{0A7EA1EF-BC60-4715-9760-EFABBF43A43C}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{D78630BB-5A7F-49A1-82CB-45A4D386FA9B}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{57DA0179-71A9-40AB-9F8F-E69850C61A1B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{87F777E2-EAB8-4E42-B2CE-3883E1371A0B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6C2D337B-7F56-41B1-ADA1-E6E7D13412B1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B7D6704A-B7A0-4FA8-9DA7-84FF52CB552A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7A4B2D30-3EEF-411C-B8BB-B354F9E15EFF}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAFE3BFC-EA8B-4638-A361-9AD306B29FEC}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F3FE886C-AE99-462C-9D08-9DFDF89562D5}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{ACE695EB-3AFD-4096-BA0B-694F0D752B01}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{558FA919-FEF3-4BAF-B1EF-B62C1B955683}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{95612BD8-74F2-4658-8A98-AE72058E1FEC}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{17CCE579-95CB-426C-B781-61C0A4C15059}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EC38E69-3B81-4E0E-8DF2-13424A0BEDD8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E4B090-B699-4183-AFDB-A54711208580}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F7FCE55-F582-4C7F-9CF6-B244DF4375C7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3E9B13E2-37A4-4B98-BB1B-3D8EDBC28A20}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A62BECC8-ED7F-4604-B71A-2E012F335982}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0086B9DF-1B61-4700-87A2-16B4F8A7B48C}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A36D37E-708C-4E7A-B241-1A9A33C82175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87A76B14-F509-4506-9CD1-ED3B9A0D25D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AA9A02D9-EDD6-4B5B-824B-D2E68BAA866D}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [UDP Query User{9E88B1F7-BC2A-4E5B-953D-9D03C8244641}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{B932F9A2-16FC-421F-96C1-9C04B000C0FB}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [TCP Query User{D05BCB2F-3431-46CA-8156-381AFEC420A5}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{645EA0DA-7A44-4122-9682-7CE394178C8D}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1D2F4952-F98C-4993-AA24-BD3093A31B7B}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{40704D35-E765-469D-BC15-FF3448F6AF24}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{28FC7AB5-C068-46CB-A140-9C9954FD070D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A69B047-1D5D-4975-962B-267A171F25B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C817D25-6D6B-45CB-A314-2E8A845D4FA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BD27152-2517-4CB2-B6EA-B47A0B2AF28E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D8DADDE-4FF3-4A66-B67B-ABAB4BEF2CEE}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0FD72681-95E0-4DFF-A77D-585915ECB3D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{378452E0-5377-4021-8F62-43844C1B6492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4355561D-16B4-4076-A13C-AEE51A35692E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADFB7704-BF13-444E-B5B0-9571C68D09E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79ECC70F-E9F7-4733-8C20-3ACCAAE8C7CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CED8D8AA-5946-4B9F-87BC-6330B566DBEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B15526-F77C-4D9A-9441-877CECA98449}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEF943C2-5477-48DC-9CF8-429C2C6B2A22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A4F21D9B-50DF-495E-9DDD-D5CD355D9442}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-04-2021 17:47:13 Naplánovaný kontrolní bod
16-04-2021 19:43:11 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/24/2021 01:37:31 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/23/2021 07:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.521.3093.0, časové razítko: 0x6047c0e0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b2dc
ID chybujícího procesu: 0x28d8
Čas spuštění chybující aplikace: 0x01d7377c3b35e731
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ab84da0d-35e0-4960-be59-caf8e2054f53
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (04/22/2021 07:42:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/18/2021 12:55:55 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/17/2021 03:57:46 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
Source: Microsoft.VisualBasic
Stack trace: v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/16/2021 07:43:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/09/2021 03:39:43 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/08/2021 07:37:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/22/2021 06:26:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/22/2021 03:02:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (04/17/2021 04:16:06 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Biometrická služba systému Windows se po přijetí pokynu pro vypnutí neukončila správně.

Error: (04/14/2021 08:07:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.335.854.0).

Error: (04/08/2021 06:43:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/05/2021 04:32:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/05/2021 04:31:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/31/2021 04:35:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-04-16 14:18:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {75C3B5D3-03BC-475A-BDF9-35EC3D7664B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-13 15:02:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5903105-359A-4F32-9831-AFDB20C62E02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-11 14:39:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92B960BD-3124-4B3F-9D4E-D8B588690BC6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-08 17:46:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0241039E-54B8-41B6-BA42-7747FE05EA64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-08 12:31:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4DA6C153-793A-4866-9303-F907665CA37C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-16 15:33:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.472.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-03-13 22:03:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\chrome_elf.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-17 21:35:57
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-17 21:34:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Insyde F.00 05/27/2013
Motherboard: Hewlett-Packard 1967
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 7964.03 MB
Available physical RAM: 3012.62 MB
Total Virtual: 9884.03 MB
Available Virtual: 3375.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.27 GB) (Free:539.58 GB) NTFS
Drive f: (NOVÝ SVAZEK) (Fixed) (Total:22.35 GB) (Free:22.34 GB) FAT32

\\?\Volume{ec2999ac-fa58-4d8f-b6b6-826e1bb89603}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{49c84e18-2197-4ed3-bb64-174b03a37ebe}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5726e69-c4e7-4999-a74d-dc61a56a07b2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 373BA8B4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9BD31F4E)

Partition: GPT.

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Karel (administrator) on DESKTOP-4BNP6E3 (Hewlett-Packard HP ENVY 15 Notebook PC) (24-04-2021 12:36:24)
Running from C:\Users\Karel\Downloads
Loaded Profiles: Karel
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() [File not signed] C:\Windows\SysWOW64\UTSCSI.EXE
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.BrowserExtensionHost.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.85\Installer\chrmstp.exe [2021-04-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BA9EBF8-7B2A-41F0-B963-5555711EE9DD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B47DE31-46CD-4316-A103-3863EDE5B5AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F4379E-4696-4E45-A933-FAE49045921A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6477BF9B-9FDB-4FAF-B52F-E33121DBA720} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {849CAA7C-21CA-424C-BBC9-ACCC72DCD567} - System32\Tasks\Opera scheduled Autoupdate 1606832561 => C:\Users\Karel\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {8CB7E890-7041-436B-9283-5D76823D2E8A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2884984 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {9D34221E-9AC7-4348-B845-73E78BC001EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9D822505-C1B4-40A3-843E-6255741B4688} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1FAE0A4-5B48-4BD4-B7C8-BAE2156B2CC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF05E4B6-25C6-4404-8DCF-78CEF1F7EE5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2E13539-25DC-43E8-ABE9-5FFA7DBC8EDB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6981BCB-692E-4908-B72E-088385D94346} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C4C799F6-1C96-41F1-9618-9F3ECB3EB4BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C70EC979-D2B6-49F1-98CD-1B6B591C2FCC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D58A0152-43DE-40BF-A21C-F2A202C363B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1606832561" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {D980F95D-962E-46E4-9FB4-2E02C2B0241A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC4BCEBA-11EC-4679-AE90-304C98B021A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {F9546E58-67D7-41AB-92ED-48ABF91A7614} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0d693702-71d4-4e64-8029-1d19634f5829}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0f816ee8-97d9-41b9-8ceb-3dd696d625f9}: [DhcpNameServer] 10.100.0.63 10.100.0.65

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-14]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2021-04-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://meet.google.com; hxxps://www.mall.tv; hxxps://www.steersearch.com; hxxps://www17.darenjarvis.pro; hxxps://www1a.delmarmora.pro; hxxps://www1a.moshemartin.pro; hxxps://www1a.rudyvalencia.pro; hxxps://www1a.samcunningham.pro; hxxps://www21.elbaestes.pro; hxxps://www2a.michellehardin.pro; hxxps://www2a.rudyvalencia.pro; hxxps://www35.darenjarvis.pro; hxxps://www3a.samcunningham.pro; hxxps://www44.todhamilton.pro; hxxps://www50.elbaestes.pro; hxxps://www9.darenjarvis.pro
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-09]
CHR Extension: (Dokumenty) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-09]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-09]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-03-04]
CHR Extension: (Tabulky) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Weather Underground) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2020-03-12]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-25]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileSyncHelper.exe [2218872 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2457520 2020-10-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\OneDriveUpdaterService.exe [2603368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2020-10-23] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2020-10-29] (IVT CORPORATION -> IVT Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [934896 2020-10-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-24 12:36 - 2021-04-24 12:38 - 000027097 _____ C:\Users\Karel\Downloads\FRST.txt
2021-04-24 12:35 - 2021-04-24 12:37 - 000000000 ____D C:\FRST
2021-04-24 12:33 - 2021-04-24 12:33 - 002298368 _____ (Farbar) C:\Users\Karel\Downloads\FRST64.exe
2021-04-23 19:19 - 2021-04-23 19:19 - 002772210 _____ C:\Users\Karel\Downloads\Photos (15).zip
2021-04-22 15:04 - 2021-04-22 15:04 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-17 11:38 - 2021-04-17 11:38 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-17 11:38 - 2021-04-17 11:38 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-17 11:37 - 2021-04-19 15:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-17 11:37 - 2021-04-17 11:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-17 11:35 - 2021-04-17 11:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-17 11:34 - 2021-04-17 11:35 - 205090224 _____ (Malwarebytes) C:\Users\Karel\Downloads\mb4-setup-consumer-4.3.0.210-1.0.1173-1.0.37263.exe
2021-04-16 20:58 - 2021-04-16 20:58 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 20:57 - 2021-04-16 20:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 20:56 - 2021-04-16 20:56 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 11:13 - 2021-04-16 11:13 - 000510026 _____ C:\Users\Karel\Downloads\2203589099.pdf
2021-04-08 19:45 - 2021-04-22 15:02 - 088342528 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-02 20:15 - 2021-04-02 20:15 - 008489331 _____ C:\Users\Karel\Downloads\Photos (13).zip
2021-04-02 20:15 - 2021-04-02 20:15 - 004179157 _____ C:\Users\Karel\Downloads\Photos (14).zip
2021-03-30 20:28 - 2021-03-30 20:28 - 000030147 _____ C:\Users\Karel\Downloads\ceník-duben-2021-23.xlsx
2021-03-29 19:06 - 2021-03-29 19:06 - 001241215 _____ C:\Users\Karel\Downloads\prilohy_81872.zip
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Roaming\Zoner
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Local\Zoner
2021-03-29 16:27 - 2014-12-26 00:31 - 000000000 ____D C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri
2021-03-29 16:26 - 2021-03-29 16:26 - 000001991 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000001985 _____ C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000000000 ____D C:\ProgramData\Zoner
2021-03-29 16:25 - 2021-03-29 16:28 - 000000000 ____D C:\Program Files\Zoner
2021-03-29 16:24 - 2021-03-29 16:24 - 080570448 _____ (ZONER software ) C:\Users\Karel\Downloads\zps17_cz.exe
2021-03-29 16:23 - 2021-03-29 16:23 - 000195433 _____ C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri (1).exe
2021-03-28 12:40 - 2021-03-28 12:42 - 028821233 _____ C:\Users\Karel\Downloads\Photos (12).zip
2021-03-28 11:50 - 2021-03-28 11:51 - 011728766 _____ C:\Users\Karel\Downloads\Photos (11).zip
2021-03-28 11:39 - 2021-03-28 11:42 - 117254506 _____ C:\Users\Karel\Downloads\Photos (10).zip
2021-03-27 20:45 - 2021-03-27 20:45 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar (1).webp
2021-03-27 20:43 - 2021-03-27 20:43 - 000113626 _____ C:\Users\Karel\Downloads\391535-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:42 - 2021-03-27 20:42 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:39 - 2021-03-27 20:39 - 000530423 _____ C:\Users\Karel\Downloads\jaza.html
2021-03-27 20:39 - 2021-03-27 20:39 - 000000000 ____D C:\Users\Karel\Downloads\jaza_files

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-24 12:39 - 2020-12-01 16:33 - 000000000 ____D C:\ProgramData\Adguard
2021-04-24 12:33 - 2020-06-03 23:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-24 12:33 - 2020-06-03 23:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-24 12:28 - 2020-03-09 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-24 12:27 - 2020-12-15 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 01:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-23 20:13 - 2020-12-15 19:12 - 000005264 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3
2021-04-23 19:17 - 2020-03-09 20:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-23 19:17 - 2020-03-09 20:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-23 19:14 - 2020-12-15 18:53 - 000000000 ____D C:\Users\Karel
2021-04-23 19:11 - 2020-03-12 13:35 - 000000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2021-04-22 15:18 - 2020-05-01 12:56 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 15:09 - 2020-12-15 19:12 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 15:09 - 2020-12-15 19:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-22 15:07 - 2020-03-09 20:03 - 000000000 ___RD C:\Users\Karel\OneDrive
2021-04-22 15:06 - 2021-02-03 08:57 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-04-22 15:04 - 2020-03-09 19:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-22 15:04 - 2020-03-09 19:56 - 000000000 __SHD C:\Users\Karel\IntelGraphicsProfiles
2021-04-22 15:03 - 2020-12-15 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-22 15:03 - 2020-12-15 18:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-22 15:03 - 2020-03-09 20:12 - 000000000 ____D C:\ProgramData\Synaptics
2021-04-22 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-22 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 13:09 - 2020-12-15 19:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 13:09 - 2019-12-07 16:43 - 000683540 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-18 13:09 - 2019-12-07 16:43 - 000137320 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-18 13:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-17 11:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-17 04:18 - 2020-12-15 18:46 - 000442088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 04:14 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 20:55 - 2020-12-15 18:51 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 20:11 - 2020-03-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 20:08 - 2020-03-14 18:00 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 19:55 - 2020-03-13 21:14 - 000000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2021-04-13 07:22 - 2021-01-12 10:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d303b1e92f93
2021-04-13 07:22 - 2020-12-15 19:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-11 10:13 - 2020-03-09 19:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 19:45 - 2021-01-18 23:20 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-08 18:46 - 2020-03-12 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-04-08 17:35 - 2020-12-15 19:12 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-04-08 17:35 - 2020-03-12 15:54 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-31 22:23 - 2020-03-09 19:54 - 000000000 ____D C:\Users\Karel\AppData\Local\Packages
2021-03-28 21:43 - 2020-03-09 20:06 - 000000000 ____D C:\Users\Karel\AppData\Local\Comms

==================== Files in the root of some directories ========

2020-11-13 18:05 - 2020-11-13 18:05 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2020-03-12 13:42 - 2020-03-12 13:42 - 000000410 _____ () C:\Users\Karel\AppData\Local\oobelibMkey.log
2020-12-01 16:19 - 2020-12-01 16:19 - 000016438 _____ () C:\Users\Karel\AppData\Local\partner.bmp
2020-08-18 21:55 - 2020-08-18 21:55 - 000000017 _____ () C:\Users\Karel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalení notebooaku při staru

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Zpomalení notebooaku při staru

#3 Příspěvek od Bucek »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-24-2021
# Duration: 00:00:12
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Karel\AppData\Local\Walliant

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{AA9A02D9-EDD6-4B5B-824B-D2E68BAA866D}C:\program files (x86)\relevantknowledge\rlvknlg.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9E88B1F7-BC2A-4E5B-953D-9D03C8244641}C:\program files (x86)\relevantknowledge\rlvknlg.exe
Deleted HKLM\System\Setup\FirstBoot\Services\RelevantKnowledge

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Crawler hledání
Deleted Crawler hledání
Deleted DAEMON Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2123 octets] - [24/04/2021 17:39:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalení notebooaku při staru

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Zpomalení notebooaku při staru

#5 Příspěvek od Bucek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Karel (24-04-2021 19:47:34)
Running from C:\Users\Karel\Desktop
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-12-15 17:13:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2206319702-2973068575-2851948494-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2206319702-2973068575-2851948494-503 - Limited - Disabled)
Guest (S-1-5-21-2206319702-2973068575-2851948494-501 - Limited - Disabled)
Karel (S-1-5-21-2206319702-2973068575-2851948494-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-2206319702-2973068575-2851948494-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AdGuard (HKLM-x32\...\{4aba1eab-3222-4eec-b751-fcc490bf0327}) (Version: 7.5.3430.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.5.3430.0 - Adguard Software Ltd) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Battlefield 4 (HKLM-x32\...\Battlefield 4_is1) (Version: - )
Drive Recorder Player (HKLM-x32\...\{CF01A21A-3EC1-43BE-BD99-4BC36A44BDDA}) (Version: 2.5.3 - Drive Recorder Player)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.85 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
i-Look 317 (HKLM-x32\...\{D8B883E4-DF64-4A91-B785-08FC9B78923D}) (Version: 1.0.0.14 - KYE)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.46 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Remote Mouse version 3.015 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.015 - Remote Mouse)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
V380.1.2.4.767 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.2.4.767 - M@cro-video Technologies Co.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Wargaming.net Game Center) (Version: 21.2.0.4803 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks Common Test (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.CT.PRODUCTION) (Version: - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks Sandbox (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.SB.PRODUCTION) (Version: - Wargaming.net)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-24] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Studios) [MS Ad]
Remote Mouse -> C:\Program Files\WindowsApps\47900RemoteMouseTeam.486280E3D6CF9_3.0.0.0_x86__8nfdqpawkhd26 [2020-08-25] (Remote Mouse Team)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0 [2021-04-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://live.retetv.cz/watch-tv
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\Downloads\IMG_1766.JPG
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{ABBA4A50-91BE-435D-9AC8-A765B0936DFD}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{FB0728A7-29A3-4B96-A15F-D17E7E841FC5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{33011A7C-459E-46CD-A9EA-5A98CCCAE21D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{58A0A0FB-D502-4D9B-BCDB-16A1D5651D35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{B535A512-5488-4FA7-AD48-88B92AF8098C}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{D709A6DA-F6E4-4E6F-B099-35ACEF4B8BA8}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [UDP Query User{7654EB22-F107-4781-B96C-A9876C81E877}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [TCP Query User{093C971C-DC17-4087-954E-2262BFF5AF95}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{47FE237B-CA7F-4A56-82BD-644608D54948}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [TCP Query User{3356BF5C-16F0-46D6-BFB6-FFD19D5B01AB}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D4B73EDD-A583-47D2-9423-F9A8D70C015D}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{0BA12D52-809F-4ABF-AA4B-171AEF94C2F1}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{0A7EA1EF-BC60-4715-9760-EFABBF43A43C}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{D78630BB-5A7F-49A1-82CB-45A4D386FA9B}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{57DA0179-71A9-40AB-9F8F-E69850C61A1B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{87F777E2-EAB8-4E42-B2CE-3883E1371A0B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6C2D337B-7F56-41B1-ADA1-E6E7D13412B1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B7D6704A-B7A0-4FA8-9DA7-84FF52CB552A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7A4B2D30-3EEF-411C-B8BB-B354F9E15EFF}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAFE3BFC-EA8B-4638-A361-9AD306B29FEC}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F3FE886C-AE99-462C-9D08-9DFDF89562D5}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{ACE695EB-3AFD-4096-BA0B-694F0D752B01}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{558FA919-FEF3-4BAF-B1EF-B62C1B955683}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{95612BD8-74F2-4658-8A98-AE72058E1FEC}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{17CCE579-95CB-426C-B781-61C0A4C15059}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EC38E69-3B81-4E0E-8DF2-13424A0BEDD8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E4B090-B699-4183-AFDB-A54711208580}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F7FCE55-F582-4C7F-9CF6-B244DF4375C7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3E9B13E2-37A4-4B98-BB1B-3D8EDBC28A20}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A62BECC8-ED7F-4604-B71A-2E012F335982}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0086B9DF-1B61-4700-87A2-16B4F8A7B48C}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A36D37E-708C-4E7A-B241-1A9A33C82175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87A76B14-F509-4506-9CD1-ED3B9A0D25D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{B932F9A2-16FC-421F-96C1-9C04B000C0FB}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [TCP Query User{D05BCB2F-3431-46CA-8156-381AFEC420A5}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{645EA0DA-7A44-4122-9682-7CE394178C8D}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1D2F4952-F98C-4993-AA24-BD3093A31B7B}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{40704D35-E765-469D-BC15-FF3448F6AF24}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{28FC7AB5-C068-46CB-A140-9C9954FD070D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A69B047-1D5D-4975-962B-267A171F25B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C817D25-6D6B-45CB-A314-2E8A845D4FA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BD27152-2517-4CB2-B6EA-B47A0B2AF28E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D8DADDE-4FF3-4A66-B67B-ABAB4BEF2CEE}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0FD72681-95E0-4DFF-A77D-585915ECB3D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{378452E0-5377-4021-8F62-43844C1B6492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4355561D-16B4-4076-A13C-AEE51A35692E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADFB7704-BF13-444E-B5B0-9571C68D09E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79ECC70F-E9F7-4733-8C20-3ACCAAE8C7CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CED8D8AA-5946-4B9F-87BC-6330B566DBEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B15526-F77C-4D9A-9441-877CECA98449}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEF943C2-5477-48DC-9CF8-429C2C6B2A22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A4F21D9B-50DF-495E-9DDD-D5CD355D9442}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E35BBCE8-3311-4E66-A9EB-A6B7ABE8C138}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D9452C97-C31B-425E-8396-5AB49E316D92}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E804549D-5257-4CF5-A162-0F1722C09EA4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{215706FE-D5A2-4FB2-AEA5-6114DE749986}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9DF0B799-8210-453D-B9DE-D549A408549D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7666DB39-DA5C-417C-99FA-DD726DEABF37}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F04D9927-2797-452F-A54C-3AE0965818F0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C1287A7-6779-40FD-9721-0F45A2C75690}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

08-04-2021 17:47:13 Naplánovaný kontrolní bod
16-04-2021 19:43:11 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/24/2021 01:37:31 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/23/2021 07:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.521.3093.0, časové razítko: 0x6047c0e0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b2dc
ID chybujícího procesu: 0x28d8
Čas spuštění chybující aplikace: 0x01d7377c3b35e731
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ab84da0d-35e0-4960-be59-caf8e2054f53
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (04/22/2021 07:42:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/18/2021 12:55:55 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/17/2021 03:57:46 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
Source: Microsoft.VisualBasic
Stack trace: v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/16/2021 07:43:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/09/2021 03:39:43 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )

Error: (04/08/2021 07:37:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/24/2021 05:47:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adguard Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/24/2021 05:47:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/24/2021 05:47:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/24/2021 05:40:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adguard Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/24/2021 05:40:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (04/24/2021 05:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/24/2021 05:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Synaptics FP WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/24/2021 05:40:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-04-16 14:18:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {75C3B5D3-03BC-475A-BDF9-35EC3D7664B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-13 15:02:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5903105-359A-4F32-9831-AFDB20C62E02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-11 14:39:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92B960BD-3124-4B3F-9D4E-D8B588690BC6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-08 17:46:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0241039E-54B8-41B6-BA42-7747FE05EA64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-08 12:31:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4DA6C153-793A-4866-9303-F907665CA37C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-16 15:33:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.472.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-03-13 22:03:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\chrome_elf.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-17 21:35:57
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-17 21:34:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Insyde F.00 05/27/2013
Motherboard: Hewlett-Packard 1967
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 7964.03 MB
Available physical RAM: 4724.5 MB
Total Virtual: 10354.75 MB
Available Virtual: 5939.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.27 GB) (Free:537.93 GB) NTFS
Drive f: (NOVÝ SVAZEK) (Fixed) (Total:22.35 GB) (Free:22.34 GB) FAT32

\\?\Volume{ec2999ac-fa58-4d8f-b6b6-826e1bb89603}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{49c84e18-2197-4ed3-bb64-174b03a37ebe}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5726e69-c4e7-4999-a74d-dc61a56a07b2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 373BA8B4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9BD31F4E)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Karel (administrator) on DESKTOP-4BNP6E3 (Hewlett-Packard HP ENVY 15 Notebook PC) (24-04-2021 19:44:39)
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.85\Installer\chrmstp.exe [2021-04-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BA9EBF8-7B2A-41F0-B963-5555711EE9DD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B47DE31-46CD-4316-A103-3863EDE5B5AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F4379E-4696-4E45-A933-FAE49045921A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6477BF9B-9FDB-4FAF-B52F-E33121DBA720} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {849CAA7C-21CA-424C-BBC9-ACCC72DCD567} - System32\Tasks\Opera scheduled Autoupdate 1606832561 => C:\Users\Karel\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {8CB7E890-7041-436B-9283-5D76823D2E8A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2884984 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {9D34221E-9AC7-4348-B845-73E78BC001EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9D822505-C1B4-40A3-843E-6255741B4688} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1FAE0A4-5B48-4BD4-B7C8-BAE2156B2CC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF05E4B6-25C6-4404-8DCF-78CEF1F7EE5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2E13539-25DC-43E8-ABE9-5FFA7DBC8EDB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6981BCB-692E-4908-B72E-088385D94346} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C4C799F6-1C96-41F1-9618-9F3ECB3EB4BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C70EC979-D2B6-49F1-98CD-1B6B591C2FCC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D58A0152-43DE-40BF-A21C-F2A202C363B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1606832561" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {D980F95D-962E-46E4-9FB4-2E02C2B0241A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC4BCEBA-11EC-4679-AE90-304C98B021A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {F9546E58-67D7-41AB-92ED-48ABF91A7614} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0d693702-71d4-4e64-8029-1d19634f5829}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0f816ee8-97d9-41b9-8ceb-3dd696d625f9}: [DhcpNameServer] 10.100.0.63 10.100.0.65

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-24]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2021-04-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://meet.google.com; hxxps://www.mall.tv; hxxps://www.steersearch.com; hxxps://www17.darenjarvis.pro; hxxps://www1a.delmarmora.pro; hxxps://www1a.moshemartin.pro; hxxps://www1a.rudyvalencia.pro; hxxps://www1a.samcunningham.pro; hxxps://www21.elbaestes.pro; hxxps://www2a.michellehardin.pro; hxxps://www2a.rudyvalencia.pro; hxxps://www35.darenjarvis.pro; hxxps://www3a.samcunningham.pro; hxxps://www44.todhamilton.pro; hxxps://www50.elbaestes.pro; hxxps://www9.darenjarvis.pro
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-09]
CHR Extension: (Dokumenty) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-09]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-09]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-03-04]
CHR Extension: (Tabulky) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Weather Underground) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2020-03-12]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-25]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileSyncHelper.exe [2218872 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2457520 2020-10-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\OneDriveUpdaterService.exe [2603368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
S2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2020-10-23] () [File not signed]
S2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2020-10-29] (IVT CORPORATION -> IVT Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [934896 2020-10-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-24 19:44 - 2021-04-24 19:46 - 000023623 _____ C:\Users\Karel\Desktop\FRST.txt
2021-04-24 17:36 - 2021-04-24 17:40 - 000000000 ____D C:\AdwCleaner
2021-04-24 17:36 - 2021-04-24 17:36 - 008534696 _____ (Malwarebytes) C:\Users\Karel\Desktop\AdwCleaner.exe
2021-04-24 12:43 - 2021-04-24 12:47 - 000043455 _____ C:\Users\Karel\Downloads\Addition.txt
2021-04-24 12:36 - 2021-04-24 12:47 - 000037763 _____ C:\Users\Karel\Downloads\FRST.txt
2021-04-24 12:35 - 2021-04-24 19:45 - 000000000 ____D C:\FRST
2021-04-24 12:33 - 2021-04-24 12:33 - 002298368 _____ (Farbar) C:\Users\Karel\Desktop\FRST64.exe
2021-04-23 19:19 - 2021-04-23 19:19 - 002772210 _____ C:\Users\Karel\Downloads\Photos (15).zip
2021-04-22 15:04 - 2021-04-22 15:04 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-17 11:38 - 2021-04-17 11:38 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-17 11:38 - 2021-04-17 11:38 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-17 11:37 - 2021-04-19 15:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-17 11:37 - 2021-04-17 11:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-17 11:35 - 2021-04-17 11:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-17 11:34 - 2021-04-17 11:35 - 205090224 _____ (Malwarebytes) C:\Users\Karel\Downloads\mb4-setup-consumer-4.3.0.210-1.0.1173-1.0.37263.exe
2021-04-16 20:58 - 2021-04-16 20:58 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 20:57 - 2021-04-16 20:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 20:56 - 2021-04-16 20:56 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 11:13 - 2021-04-16 11:13 - 000510026 _____ C:\Users\Karel\Downloads\2203589099.pdf
2021-04-08 19:45 - 2021-04-22 15:02 - 088342528 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-02 20:15 - 2021-04-02 20:15 - 008489331 _____ C:\Users\Karel\Downloads\Photos (13).zip
2021-04-02 20:15 - 2021-04-02 20:15 - 004179157 _____ C:\Users\Karel\Downloads\Photos (14).zip
2021-03-30 20:28 - 2021-03-30 20:28 - 000030147 _____ C:\Users\Karel\Downloads\ceník-duben-2021-23.xlsx
2021-03-29 19:06 - 2021-03-29 19:06 - 001241215 _____ C:\Users\Karel\Downloads\prilohy_81872.zip
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Roaming\Zoner
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Local\Zoner
2021-03-29 16:27 - 2014-12-26 00:31 - 000000000 ____D C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri
2021-03-29 16:26 - 2021-03-29 16:26 - 000001991 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000001985 _____ C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000000000 ____D C:\ProgramData\Zoner
2021-03-29 16:25 - 2021-03-29 16:28 - 000000000 ____D C:\Program Files\Zoner
2021-03-29 16:24 - 2021-03-29 16:24 - 080570448 _____ (ZONER software ) C:\Users\Karel\Downloads\zps17_cz.exe
2021-03-29 16:23 - 2021-03-29 16:23 - 000195433 _____ C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri (1).exe
2021-03-28 12:40 - 2021-03-28 12:42 - 028821233 _____ C:\Users\Karel\Downloads\Photos (12).zip
2021-03-28 11:50 - 2021-03-28 11:51 - 011728766 _____ C:\Users\Karel\Downloads\Photos (11).zip
2021-03-28 11:39 - 2021-03-28 11:42 - 117254506 _____ C:\Users\Karel\Downloads\Photos (10).zip
2021-03-27 20:45 - 2021-03-27 20:45 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar (1).webp
2021-03-27 20:43 - 2021-03-27 20:43 - 000113626 _____ C:\Users\Karel\Downloads\391535-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:42 - 2021-03-27 20:42 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:39 - 2021-03-27 20:39 - 000530423 _____ C:\Users\Karel\Downloads\jaza.html
2021-03-27 20:39 - 2021-03-27 20:39 - 000000000 ____D C:\Users\Karel\Downloads\jaza_files

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-24 19:47 - 2020-12-01 16:33 - 000000000 ____D C:\ProgramData\Adguard
2021-04-24 19:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-24 19:43 - 2020-12-15 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 17:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-24 17:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-24 17:48 - 2021-02-03 08:57 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-04-24 17:47 - 2020-03-09 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-24 15:22 - 2020-12-15 18:53 - 000000000 ____D C:\Users\Karel
2021-04-24 12:47 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-24 12:33 - 2020-06-03 23:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-24 12:33 - 2020-06-03 23:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-23 20:13 - 2020-12-15 19:12 - 000005264 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3
2021-04-23 19:17 - 2020-03-09 20:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-23 19:17 - 2020-03-09 20:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-23 19:11 - 2020-03-12 13:35 - 000000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2021-04-22 15:18 - 2020-05-01 12:56 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 15:09 - 2020-12-15 19:12 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 15:09 - 2020-12-15 19:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-22 15:07 - 2020-03-09 20:03 - 000000000 ___RD C:\Users\Karel\OneDrive
2021-04-22 15:04 - 2020-03-09 19:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-22 15:04 - 2020-03-09 19:56 - 000000000 __SHD C:\Users\Karel\IntelGraphicsProfiles
2021-04-22 15:03 - 2020-12-15 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-22 15:03 - 2020-12-15 18:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-22 15:03 - 2020-03-09 20:12 - 000000000 ____D C:\ProgramData\Synaptics
2021-04-22 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-22 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 13:09 - 2020-12-15 19:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 13:09 - 2019-12-07 16:43 - 000683540 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-18 13:09 - 2019-12-07 16:43 - 000137320 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-17 11:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-17 04:18 - 2020-12-15 18:46 - 000442088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 04:14 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 20:55 - 2020-12-15 18:51 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 20:11 - 2020-03-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 20:08 - 2020-03-14 18:00 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 19:55 - 2020-03-13 21:14 - 000000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2021-04-13 07:22 - 2021-01-12 10:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d303b1e92f93
2021-04-13 07:22 - 2020-12-15 19:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-11 10:13 - 2020-03-09 19:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 19:45 - 2021-01-18 23:20 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-08 18:46 - 2020-03-12 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-04-08 17:35 - 2020-12-15 19:12 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-04-08 17:35 - 2020-03-12 15:54 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-31 22:23 - 2020-03-09 19:54 - 000000000 ____D C:\Users\Karel\AppData\Local\Packages
2021-03-28 21:43 - 2020-03-09 20:06 - 000000000 ____D C:\Users\Karel\AppData\Local\Comms

==================== Files in the root of some directories ========

2020-11-13 18:05 - 2020-11-13 18:05 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2020-03-12 13:42 - 2020-03-12 13:42 - 000000410 _____ () C:\Users\Karel\AppData\Local\oobelibMkey.log
2020-12-01 16:19 - 2020-12-01 16:19 - 000016438 _____ () C:\Users\Karel\AppData\Local\partner.bmp
2020-08-18 21:55 - 2020-08-18 21:55 - 000000017 _____ () C:\Users\Karel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalení notebooaku při staru

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Zpomalení notebooaku při staru

#7 Příspěvek od Bucek »

Snad je to ten správný log

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Karel (24-04-2021 21:05:23) Run:1
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC1E7945-0749-4545-9E50-680A592E522A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{907B5A07-54F2-402A-B255-474D08309EEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907B5A07-54F2-402A-B255-474D08309EEB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEF56F44-7726-40E6-8383-E2C5151EEB5E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEF56F44-7726-40E6-8383-E2C5151EEB5E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 951075706 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 11978811 B
Edge => 1401860 B
Chrome => 1133013787 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 180865 B
LocalService => 255251 B
NetworkService => 486089 B
Karel => 10892803 B

RecycleBin => 8725277740 B
EmptyTemp: => 10.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:08:04 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalení notebooaku při staru

#8 Příspěvek od Rudy »

Je to správný log. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bucek
Návštěvník
Návštěvník
Příspěvky: 79
Registrován: 18 led 2007 08:53

Re: Zpomalení notebooaku při staru

#9 Příspěvek od Bucek »

Zdravím
Myslím že je to v cajku. Vypnul jsem a zapl a naběhlo to suprově tak snad je vše OK jen dotaz co tam bylo za sajrajt?
Děkuji a rád pošlu odměnu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalení notebooaku při staru

#10 Příspěvek od Rudy »

AdWare RelevantKnowledge a jinak samé zbytečnosti, vč. velkého množství dočasných souborů internetu. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět