Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zdlouhavé načítání PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Zdlouhavé načítání PC

#1 Příspěvek od tomX »

Dobrý den,
rád bych vás požádal o radu. Vždy, když po delší době (např. po hodině) zapínám počítač, tak načítání win 10 trvá neúměrně dlouho (5 minut). Během načítání se PC několikrát restartuje. BIOS najede v klidu, ale pak je jen černá obrazovka, dioda zapínání monitoru slabě problikává a nic. Po samovolných restartech se WIN načte, ale, jak píši, trvá mu to. Poté vše jede bez problémů. Nemohu najít nikde radu co s tím.
Zde přikládám log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by tompson (administrator) on DESKTOP-B8557MG (15-07-2021 13:06:20)
Running from D:\nove
Loaded Profiles: tompson
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe <6>
(WellWeWeb) [File not signed] C:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1729368 2021-07-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Spotify] => C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe [24155776 2021-07-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\WINDOWS\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-06-10]
ShortcutTarget: CheVolume.lnk -> C:\Users\kubec\AppData\Roaming\Microsoft\Installer\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}\_CD23FCF4A62C8802B55F5B.exe () [File not signed]
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-22]
ShortcutTarget: Twitch.lnk -> C:\Users\kubec\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04759541-175F-4A37-95FE-D1F2687544D9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19EBAF6F-510C-4390-87F2-BAD1D47EE5D0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AED448E-8CC3-48B2-877A-A0BF097F989C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C09EB0A-F261-4A02-8C96-095112689E9F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2029640D-63C8-447A-B29F-3A31678E2709} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BB27E4B-8BF8-4923-BD93-C97C2E50C614} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {348F7E36-9EBF-4C6D-BCF7-8254D2D1D565} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3CD46FF8-6B0C-4897-B4FD-D0A4767B7839} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [267080 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {58576D20-A8DE-4720-AF1D-1FFD097A0196} - System32\Tasks\Opera scheduled Autoupdate 1556966806 => C:\Users\kubec\AppData\Local\Programs\Opera\launcher.exe
Task: {59EBD205-F38C-47E8-8C7F-A898D21A6932} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6529A986-386B-415D-B638-B3A976CB899C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73416CEA-BECD-4FAC-8790-DE18B6082B67} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7E079764-19A0-4D61-A492-6DAF676B0FBE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F8AE12E-3F19-4DB2-9F17-C9A3CEA09DCC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {85FEB762-254C-4B32-A6B1-23E66DFE3324} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {87B8EFCD-FDAB-48B5-8499-F1D0178ACECB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0C3BE7-6B0F-46F9-BA0D-B090D3D6533E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF3BBA7A-195B-4719-86AA-30D76D3C9FA6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {B5D8456F-8A17-488B-88E3-74C0D0058D6E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1628464 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BB4DE69A-2727-4FDE-B211-5581A6A07CF0} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BE0B6865-EE56-436B-8B48-BAC9B00AB97C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C022D8F9-9296-4172-B291-000481AAA4BA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {CD538556-4C30-4CD3-BE31-367FB6756AF7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03C3E84-9182-4AA2-ABA6-31A76C668C62} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {D71A7272-C8C7-45C6-B685-E3D2B6F19D24} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248552 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E73ADCA9-A28B-42D1-98F5-66075263E7E3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55d45ec7-bb4e-42fc-b0d9-76c0041f5fbf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a5f07f0a-77cf-41fd-81ce-d05bb85f37a7}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: F:\sber
Edge Notifications: HKU\S-1-5-21-2647824122-2969461199-3588900344-1001 -> hxxps://www.ufreegames.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kubec\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-14]
Edge DownloadDir: Default -> F:\sber
Edge Notifications: Default -> hxxps://www.ufreegames.com
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF ProfilePath: C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default [2019-05-03]
FF Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\abs@avira.com [2019-05-03]
FF Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\passwordmanager@avira.com [2019-05-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-24] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default [2021-07-15]
CHR DownloadDir: G:\sber
CHR Notifications: Default -> hxxps://aternos.org; hxxps://calendar.google.com; hxxps://cs.verdauung-info.com; hxxps://hoopgame.net; hxxps://kolagames.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gamesbs.com; hxxps://www.gamezhero.com; hxxps://www.gogy.com; hxxps://www.h5gamestreet.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz; hxxps://www.ufreegames.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/html/newtab.html"
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-03]
CHR Extension: (Titulky plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgigldmglfimgechooinbdblfmipabb [2019-05-03]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-03]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-03]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-09-22]
CHR Extension: (EPUBReader) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Google Meet Breakout Rooms by Robert Hudek) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\kogfdlbehkaeoafmgaecphlnhohpabig [2021-06-25]
CHR Extension: (Meet Plus for Google Meet) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfjgknkjfjmnjdgdhbbmmbkoddgpdoc [2021-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Flat for Education - Music notation editor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomkpimaohgaamiipecibpchogmfhgba [2021-01-18]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-30]
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-30]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-30]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-30]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-30]
CHR Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-30]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-29]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

Opera:
=======
OPR Profile: C:\Users\kubec\AppData\Roaming\Opera Software\Opera Stable [2020-09-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264880 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-06-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209744 2021-03-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006e; C:\WINDOWS\System32\drivers\RzDev_006e.sys [56152 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-15 13:03 - 2021-07-15 13:06 - 000000000 ____D C:\FRST
2021-07-15 11:56 - 2021-07-15 11:56 - 000000000 ____D C:\WINDOWS\LastGood
2021-07-15 11:53 - 2021-07-15 11:53 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 14:20 - 2021-07-14 14:20 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 14:20 - 2021-07-14 14:20 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 08:22 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000748832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-07-14 08:21 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-14 08:20 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-07-14 08:20 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-07-14 08:20 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-07-14 08:18 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-12 19:06 - 2021-07-12 19:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-12 18:15 - 2021-07-12 18:15 - 000000000 ____D C:\WINDOWS\pss
2021-07-12 17:44 - 2021-07-12 17:44 - 000000112 ___SH C:\bootTel.dat
2021-07-08 18:46 - 2021-07-11 14:43 - 000002026 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-07-07 16:02 - 2021-07-07 16:02 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 16:02 - 2021-07-07 16:02 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 16:01 - 2021-07-07 16:01 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 16:01 - 2021-07-07 16:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-23 15:42 - 2021-07-11 14:43 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-15 08:17 - 2021-07-14 22:22 - 000000000 ____D C:\Users\kubec\AppData\Local\Spotify
2021-06-15 08:17 - 2021-06-15 08:17 - 000001836 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-15 13:06 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke
2021-07-15 13:03 - 2020-05-24 12:56 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Spotify
2021-07-15 12:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-15 12:25 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-15 12:06 - 2020-08-09 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-15 12:00 - 2020-08-09 14:50 - 001620048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-15 12:00 - 2019-12-07 16:41 - 000690262 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-15 12:00 - 2019-12-07 16:41 - 000134838 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-15 12:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-15 11:53 - 2020-08-09 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-15 11:53 - 2020-08-09 14:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-15 11:53 - 2019-05-03 18:44 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-07-14 23:17 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 17:21 - 2020-08-09 14:48 - 000367232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 14:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:16 - 2019-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:14 - 2019-05-03 17:41 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-14 08:24 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA
2021-07-14 08:18 - 2020-08-09 14:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-14 08:17 - 2020-12-13 22:23 - 000001476 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-07-14 08:17 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA Corporation
2021-07-13 22:51 - 2020-08-09 14:48 - 000000000 ____D C:\Users\kubec
2021-07-13 17:59 - 2020-07-01 06:36 - 000000000 ____D C:\Users\kubec\AppData\Roaming\.minecraft
2021-07-12 19:06 - 2020-08-10 19:18 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-12 18:41 - 2019-05-29 12:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-12 18:17 - 2020-03-05 22:18 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-12 18:17 - 2019-05-03 18:38 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Twitch
2021-07-12 17:52 - 2021-01-10 20:51 - 000000000 ____D C:\Users\kubec\AppData\Local\Overwolf
2021-07-11 14:43 - 2021-05-09 09:17 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-07-11 14:43 - 2021-01-10 20:52 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-07-11 14:43 - 2020-10-24 09:33 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1002
2021-07-11 14:43 - 2020-08-09 14:55 - 000003604 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556966806
2021-07-11 14:43 - 2020-08-09 14:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-07-11 14:43 - 2020-08-09 14:55 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1001
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-07-11 14:43 - 2020-08-09 14:55 - 000002790 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-07-11 14:43 - 2020-08-09 14:55 - 000002566 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-07-11 09:58 - 2019-10-12 11:42 - 000000000 ____D C:\Users\kubec\AppData\Local\CrashDumps
2021-07-11 09:58 - 2019-05-03 17:19 - 000000000 ___RD C:\Users\kubec\OneDrive
2021-07-11 09:57 - 2020-08-09 14:48 - 000002381 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-11 09:55 - 2020-06-10 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-10 11:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-10 11:06 - 2020-08-18 17:01 - 000000000 _____ C:\end
2021-07-08 18:46 - 2020-11-26 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\ProgramData\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\Program Files (x86)\Avira
2021-07-08 18:46 - 2019-05-03 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-07 20:33 - 2019-05-06 09:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-07 08:29 - 2021-01-10 20:52 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-07-02 07:27 - 2020-10-24 09:33 - 000000000 ___RD C:\Users\marke\OneDrive
2021-07-02 07:27 - 2020-10-24 09:32 - 000002365 _____ C:\Users\marke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-02 07:27 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke\AppData\Local\Packages
2021-07-02 07:06 - 2020-01-27 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 15:12 - 2019-11-28 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-06-27 10:36 - 2019-05-03 17:17 - 000000000 ____D C:\Users\kubec\AppData\Local\Packages
2021-06-25 18:22 - 2019-05-06 08:04 - 000000000 ____D C:\Users\kubec\AppData\Roaming\GHISLER
2021-06-25 14:36 - 2021-04-05 12:43 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-23 19:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-22 03:17 - 2020-07-17 14:51 - 007279232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-21 10:43 - 2020-07-17 14:51 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-20 10:51 - 2021-01-24 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-15 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2020-02-03 17:51 - 2020-03-29 18:38 - 000005120 _____ () C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-11 20:03 - 2019-11-11 20:03 - 000005539 _____ () C:\Users\kubec\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by tompson (15-07-2021 13:07:20)
Running from D:\nove
Windows 10 Home Version 2004 19041.1110 (X64) (2020-08-09 12:55:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2647824122-2969461199-3588900344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2647824122-2969461199-3588900344-503 - Limited - Disabled)
Guest (S-1-5-21-2647824122-2969461199-3588900344-501 - Limited - Disabled)
marke (S-1-5-21-2647824122-2969461199-3588900344-1002 - Limited - Enabled) => C:\Users\marke
tompson (S-1-5-21-2647824122-2969461199-3588900344-1001 - Administrator - Enabled) => C:\Users\kubec
WDAGUtilityAccount (S-1-5-21-2647824122-2969461199-3588900344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.51.20724 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Battle Chasers Nightwar (HKLM-x32\...\1345854066_is1) (Version: v.22997 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.1.1002 - BlueStack Systems, Inc.)
Citra (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{18cc945c-4224-43c6-816f-bfa84edfa023}) (Version: 1.0.0 - Citra Team)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.177.1.5 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648(a) - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Epic Battle Fantasy 5 version 1.2 (HKLM-x32\...\{6C18D3AF-52C5-4530-A64E-5359153BA9AB}_is1) (Version: 1.2 - DELiGHT 2018)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.66.5330 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
CheVolume (HKLM-x32\...\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}) (Version: 1.6.05 - WellWeWeb)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{F4F771E2-6E23-4F27-93E1-27C22C71B7E2}) (Version: 17.2.0.1009 - Intel Corporation)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Neverwinter Nights: Enhanced Edition (HKLM-x32\...\1097893768_is1) (Version: 82.8193.20.1 - GOG.com)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.27.147 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.27.147 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.174.0.10 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Path of Building Community) (Version: 1.4.170.16 - Path of Building Community)
PDF Converter V2.2.2.2 (HKLM-x32\...\{70098260-60F4-468D-B598-C410B616B4DF}_is1) (Version: 2.2.2.2 - Apowersoft LIMITED)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0624.061513 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Roblox Player for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-studio) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Spotify) (Version: 1.1.63.568.gda8cb5ac - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
The Incredible Adventures of Van Helsing - Final Cut (HKLM-x32\...\1448013298_is1) (Version: 1.1.0b (B) - GOG.com)
The Incredible Adventures of Van Helsing Final Cut - Textures DLC (HKLM-x32\...\1378339771_is1) (Version: 1.1.0b (B) - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
Tukui Client (HKLM-x32\...\{6F0A95E2-F08C-4E11-9BA3-287B3609AFC1}) (Version: 3.1.8 - Tukui)
Twitch (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WanezGD_Tools 0.5.4 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\116f95da-adc1-5db0-b937-03c8e4a18506) (Version: 0.5.4 - WareBare)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\ZoomUMX) (Version: 5.4.1 (58698.1027) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-14] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com
ShortcutWithArgument: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=nLM2WZ6xTCipawzZenMRKUoCzOAnOvmwJzuY2Ccipza0eftThbgLfipJgAAAKyHD2sie&click_id=3609fb26e7c0dd494b86064a330f10766549e7c9 --app-window-size=1920,1200

==================== Loaded Modules (Whitelisted) =============

2019-02-12 15:10 - 2019-02-12 15:10 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-07-13 19:15 - 2021-07-13 19:15 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\02be6f4737cf4f4fdbbac7847e7e1efc\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\kubec\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kubec\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\marke\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\B3-EU419_201908_GR_20190822110317.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{5D08E3EE-5002-42A6-B474-5E940F9F5D4E}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EB5E2BBB-DB44-4F70-9BE5-DFD2F9DDC098}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AF1D8F9-D4E2-462D-B11F-BF5DC2EE39EF}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{3C350ADD-9121-49F3-8AF2-B07BA32BEA0B}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{C4A9F1B4-B365-42D3-ACA8-3EE6DF4FBD59}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{FADC3BC4-2E96-4F0C-8607-84BAB07AB636}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{0469797D-3E23-481C-AEBA-B41A9026E7CB}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E3713DF2-5110-4D53-B330-61FF77DAB2C2}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{58A60E48-27C8-4264-9F2A-EFAB0FEB7774}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{E250C465-2FA9-49F8-B596-4A8D6ADDAADF}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{C4922408-C790-438C-BE49-568662FB993D}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{1CFE089C-32BB-4FDE-B177-345D9354135F}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [UDP Query User{27F31026-C33B-41B7-BE23-048FA6DB8ACE}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{16EB6A13-5F92-40D6-A5AB-3F9FD6CF2920}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [{30324906-B306-4CD7-8D05-1D726043116B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6BAC5FF-B315-49F2-A88A-7BB77E47983A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3E538BBA-4787-49A0-8412-6059DEE3AEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EC8ACBE-B186-44FF-A5ED-FBE55FC7E3AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD47FD1F-F344-4078-B288-92BBC8C3751A}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{206E021E-CDDA-4FB6-950E-BCFF04365090}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C640C16F-E851-408D-8BBD-178F89B58748}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F7BF3426-BF31-4393-9D58-7617F9423DF3}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5DA3498-EF43-4A8E-AA26-3E59D01F3ED0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFAA7608-B2FD-4B27-A59D-B3210C38A17F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{12BC2AF7-73A3-4FC9-9C34-1B5303A3C679}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [UDP Query User{5B8B6133-BCDB-4134-9E39-72C1F78F9226}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [{CABE9F6F-7AAC-47E3-BF66-98A9DCA33593}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EBB3EB19-D96A-4D63-B6E2-46A5C269A766}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{125A0FE1-3028-47EE-BE41-B84938E5A93D}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [UDP Query User{63A58723-42D8-4013-85EF-55D72A6D9696}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [{A57DCFCB-FE0A-4F2E-81AC-7016B7D2B040}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8DE71E50-1000-4F00-B0C8-E638E61EA5C4}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{9E00C742-5011-42E0-B980-69EFFE0CF7FC}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [UDP Query User{8C625256-822C-48A9-BE28-1947711D84DF}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [{B690A6FD-C344-4A5C-AABA-7055CF633869}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{6FD3D4AC-3898-4C82-B764-6467EA906E14}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{D9201623-0BC1-4A39-9162-496D5F2BB8C9}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{121C246A-237A-4730-92E0-DD10308A2FD0}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{D2DA7910-F781-4171-BD11-3B94CC4C6DC9}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{AEEA6BDB-4C80-43F6-8AA0-99658F26E30F}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{148117B1-4655-46FA-9FAE-08C6C3E7C1B7}] => (Allow) C:\Users\kubec\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F52ED7F7-40BD-4B15-89EA-70D9F937A24B}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{3DCB1B60-E1C9-445A-94FE-92FC4868DCCB}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [{AD89F761-613B-4F22-8C1B-88D506C82884}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{9A9BA4AA-6FE3-46B0-97F4-070F86531F92}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{F6BD02E1-603B-4CBD-9A2F-668B49C1E7A5}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{8C26BC4A-69C5-48BE-8245-5B196B2A6C4D}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{86CC1389-E05A-4AAE-9317-B4E94682F27A}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{E8E4B291-3663-4A2C-AE31-D6F92889BD33}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{4115E062-B48E-485B-9DE4-7698B174B1C2}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{DCD440D9-4035-431F-85DD-E2541A4A4ADB}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{89D1FA3D-CF55-4431-A2DC-4EBF58FA954A}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{A327F79E-7858-4D1F-8F0E-5CAB19D04315}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{F27520A0-14E5-4CE0-A8E6-719DF9EAF730}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86334CC4-A902-4C27-B992-4E00C876E31B}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8D2109E4-472A-44AA-881B-9B80D562E403}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{21F09EFE-A5F3-456F-8451-59CA49C2FCB6}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{18836B7A-A00D-4BDF-80F7-7F59D237FEBA}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{33C8E280-D1FA-436D-BA75-B134B70C9FC2}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [TCP Query User{4B795619-294D-4DEF-8680-42B927BB18CA}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [UDP Query User{E5779B1D-6124-4222-82BD-276015C2F70F}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [{C7211A0A-8F5E-41D0-BA17-897115D46C2A}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{2BCEA1FC-2D44-4F5F-A7BF-05459555D43F}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48664137-17ED-4062-84CF-6DB9F382E9A2}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{DD00D445-F6F7-4751-90B3-9F03A2779C6C}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{B86EBDA8-1A42-427C-B2B4-1D9EBF7D610D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{539E967B-F31C-458F-9DAD-D621992CABF2}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{516B5FF2-27F5-4847-86FC-BBAF75C99B91}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{032DC7D4-0FE3-42AB-B99D-46DB74D702AB}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{166FE3F4-9C5B-4F87-ACA1-57D30B48785D}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{95F8CEBE-05C2-45BD-900B-15F530EEFB8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{436D4BF6-0EC1-4BE2-BE58-9B9CABF1DB77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCF6DDDF-785F-4EF5-9C92-014698E4C526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B71A4080-9EC4-4784-A151-784070174188}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{647518C2-56FF-4393-9942-67E2A0C2E994}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{603CB4FF-551B-48D1-AACA-83980243BF04}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C90F95C3-5FC2-4F6D-8A4E-D0CC4696DD07}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{377258F7-FB9C-4C72-9EEF-B74291D325BC}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FA5A998A-B2D9-46C4-9E72-3DA00C3D572C}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D9331DFD-EF19-4543-AE85-A4269FB333D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BED68357-DE7D-4CB5-BE45-CD90BE2A3D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5BBE44A5-93C7-431D-95F5-A3825DC1681C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF4165DE-8320-49C5-BFE9-C4AC139A34B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{643A1EC5-083D-4BAA-B2CD-00FC31588E6A}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CC06585A-90E7-4D36-BE5B-CC8D5D0FCF0C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{D5F37CC9-BB8C-4AB7-8162-4E0ADA64FDE9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{8FE7016B-3C5F-4634-87C3-AF3B0CAFA1BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D47E0CCD-2F19-4F05-8EA0-A57D9C8629F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{435BB392-1E41-4360-9090-A9F5F9F0F2C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD8CCB68-63DA-4E9B-A84E-2665F14B83E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

06-07-2021 21:16:23 Naplánovaný kontrolní bod
12-07-2021 21:38:17 Instalační služba modulů systému Windows
14-07-2021 14:16:18 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/15/2021 11:53:36 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 11:53:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (07/15/2021 11:53:31 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci z důvodu následující chyby: Operace byla dokončena úspěšně. 0x0.

Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Error: (07/14/2021 10:22:07 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/14/2021 10:15:28 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.


System errors:
=============
Error: (07/14/2021 05:21:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (07/13/2021 10:51:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-B8557MG)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_9a606 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BcastDVRUserService_9a606 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby BcastDVRUserService_9a606 bylo dosaženo časového limitu (30000 ms).

Error: (07/13/2021 03:29:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:25:48, ‎13.‎07.‎2021) bylo neočekávané.

Error: (07/13/2021 03:25:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:21:13, ‎13.‎07.‎2021) bylo neočekávané.


CodeIntegrity:
===============
Date: 2021-07-12 18:11:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-07-12 17:49:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1402 04/03/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B360-PLUS
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 50%
Total physical RAM: 16306.59 MB
Available physical RAM: 8086.68 MB
Total Virtual: 18738.59 MB
Available Virtual: 7909.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.21 GB) (Free:108 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:24.88 GB) NTFS

\\?\Volume{0a03630f-0343-4858-8334-9ca09d672284}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ec3e820e-d363-4565-9829-e5be1dad7923}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS
\\?\Volume{2f124f43-86f5-4a86-8ba5-36a7bb481e08}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1CF38A4F)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 65894539)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Předem děkuji za pomoc

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#3 Příspěvek od tomX »

čistění adwcleanerem provedeno. Přikládám log:




# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-15-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com

***** [ Chromium (and derivatives) ] *****

Deleted Avira SafeSearch Plus - ipmkfpcnmccejididiaagpgchgjfajgp
Deleted Avira SafeSearch Plus - ipmkfpcnmccejididiaagpgchgjfajgp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1603 octets] - [05/04/2020 17:43:39]
AdwCleaner[C00].txt - [1715 octets] - [05/04/2020 17:43:48]
AdwCleaner[S01].txt - [2100 octets] - [15/07/2021 16:47:19]
AdwCleaner[S02].txt - [2161 octets] - [15/07/2021 16:50:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#5 Příspěvek od tomX »

Přikládám logy:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by tompson (administrator) on DESKTOP-B8557MG (15-07-2021 17:10:02)
Running from D:\nove
Loaded Profiles: tompson
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe <6>
(WellWeWeb) [File not signed] C:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1729368 2021-07-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Spotify] => C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe [24155776 2021-07-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\WINDOWS\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-06-10]
ShortcutTarget: CheVolume.lnk -> C:\Users\kubec\AppData\Roaming\Microsoft\Installer\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}\_CD23FCF4A62C8802B55F5B.exe () [File not signed]
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-22]
ShortcutTarget: Twitch.lnk -> C:\Users\kubec\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04759541-175F-4A37-95FE-D1F2687544D9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19EBAF6F-510C-4390-87F2-BAD1D47EE5D0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AED448E-8CC3-48B2-877A-A0BF097F989C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C09EB0A-F261-4A02-8C96-095112689E9F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2029640D-63C8-447A-B29F-3A31678E2709} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BB27E4B-8BF8-4923-BD93-C97C2E50C614} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {348F7E36-9EBF-4C6D-BCF7-8254D2D1D565} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3CD46FF8-6B0C-4897-B4FD-D0A4767B7839} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [267080 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {58576D20-A8DE-4720-AF1D-1FFD097A0196} - System32\Tasks\Opera scheduled Autoupdate 1556966806 => C:\Users\kubec\AppData\Local\Programs\Opera\launcher.exe
Task: {59EBD205-F38C-47E8-8C7F-A898D21A6932} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6529A986-386B-415D-B638-B3A976CB899C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73416CEA-BECD-4FAC-8790-DE18B6082B67} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7E079764-19A0-4D61-A492-6DAF676B0FBE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F8AE12E-3F19-4DB2-9F17-C9A3CEA09DCC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {85FEB762-254C-4B32-A6B1-23E66DFE3324} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {87B8EFCD-FDAB-48B5-8499-F1D0178ACECB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0C3BE7-6B0F-46F9-BA0D-B090D3D6533E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF3BBA7A-195B-4719-86AA-30D76D3C9FA6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {B5D8456F-8A17-488B-88E3-74C0D0058D6E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1628464 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BB4DE69A-2727-4FDE-B211-5581A6A07CF0} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BE0B6865-EE56-436B-8B48-BAC9B00AB97C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C022D8F9-9296-4172-B291-000481AAA4BA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {CD538556-4C30-4CD3-BE31-367FB6756AF7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03C3E84-9182-4AA2-ABA6-31A76C668C62} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {D71A7272-C8C7-45C6-B685-E3D2B6F19D24} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248552 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E73ADCA9-A28B-42D1-98F5-66075263E7E3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55d45ec7-bb4e-42fc-b0d9-76c0041f5fbf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a5f07f0a-77cf-41fd-81ce-d05bb85f37a7}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: F:\sber
Edge Notifications: HKU\S-1-5-21-2647824122-2969461199-3588900344-1001 -> hxxps://www.ufreegames.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kubec\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-14]
Edge DownloadDir: Default -> F:\sber
Edge Notifications: Default -> hxxps://www.ufreegames.com
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF ProfilePath: C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default [2019-05-03]
FF Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\abs@avira.com [2019-05-03]
FF Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\passwordmanager@avira.com [2019-05-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-24] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default [2021-07-15]
CHR DownloadDir: G:\sber
CHR Notifications: Default -> hxxps://aternos.org; hxxps://calendar.google.com; hxxps://cs.verdauung-info.com; hxxps://hoopgame.net; hxxps://kolagames.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gamesbs.com; hxxps://www.gamezhero.com; hxxps://www.gogy.com; hxxps://www.h5gamestreet.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz; hxxps://www.ufreegames.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-03]
CHR Extension: (Titulky plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgigldmglfimgechooinbdblfmipabb [2019-05-03]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-03]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-03]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09]
CHR Extension: (EPUBReader) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Google Meet Breakout Rooms by Robert Hudek) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\kogfdlbehkaeoafmgaecphlnhohpabig [2021-06-25]
CHR Extension: (Meet Plus for Google Meet) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfjgknkjfjmnjdgdhbbmmbkoddgpdoc [2021-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Flat for Education - Music notation editor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomkpimaohgaamiipecibpchogmfhgba [2021-01-18]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-30]
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-30]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-30]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-30]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-30]
CHR Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-30]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-29]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

Opera:
=======
OPR Profile: C:\Users\kubec\AppData\Roaming\Opera Software\Opera Stable [2020-09-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264880 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-06-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209744 2021-03-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006e; C:\WINDOWS\System32\drivers\RzDev_006e.sys [56152 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-15 17:06 - 2021-07-15 17:06 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-15 17:06 - 2021-07-15 17:06 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-15 17:06 - 2021-07-15 17:06 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-15 17:06 - 2021-07-15 17:06 - 000000000 ____D C:\Users\kubec\AppData\LocalLow\IGDump
2021-07-15 13:03 - 2021-07-15 17:10 - 000000000 ____D C:\FRST
2021-07-15 11:56 - 2021-07-15 11:56 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 14:20 - 2021-07-14 14:20 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 14:20 - 2021-07-14 14:20 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 08:22 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000748832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-07-14 08:21 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-14 08:20 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-07-14 08:20 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-07-14 08:20 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-07-14 08:18 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-12 19:06 - 2021-07-12 19:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-12 18:15 - 2021-07-12 18:15 - 000000000 ____D C:\WINDOWS\pss
2021-07-12 17:44 - 2021-07-12 17:44 - 000000112 ___SH C:\bootTel.dat
2021-07-08 18:46 - 2021-07-11 14:43 - 000002026 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-07-07 16:02 - 2021-07-07 16:02 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 16:02 - 2021-07-07 16:02 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 16:01 - 2021-07-07 16:01 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 16:01 - 2021-07-07 16:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-23 15:42 - 2021-07-11 14:43 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-15 08:17 - 2021-07-15 17:06 - 000000000 ____D C:\Users\kubec\AppData\Local\Spotify
2021-06-15 08:17 - 2021-06-15 08:17 - 000001836 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-15 17:08 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-15 17:06 - 2020-08-09 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-15 17:06 - 2020-08-09 14:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-15 17:06 - 2020-05-24 12:56 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Spotify
2021-07-15 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-15 17:06 - 2019-05-03 18:44 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-07-15 16:53 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-07-15 15:06 - 2020-08-09 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-15 13:06 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-15 12:00 - 2020-08-09 14:50 - 001620048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-15 12:00 - 2019-12-07 16:41 - 000690262 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-15 12:00 - 2019-12-07 16:41 - 000134838 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-15 12:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-14 17:21 - 2020-08-09 14:48 - 000367232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 14:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:16 - 2019-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:14 - 2019-05-03 17:41 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-14 08:24 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA
2021-07-14 08:18 - 2020-08-09 14:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-14 08:17 - 2020-12-13 22:23 - 000001476 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-07-14 08:17 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA Corporation
2021-07-13 22:51 - 2020-08-09 14:48 - 000000000 ____D C:\Users\kubec
2021-07-13 17:59 - 2020-07-01 06:36 - 000000000 ____D C:\Users\kubec\AppData\Roaming\.minecraft
2021-07-12 19:06 - 2020-08-10 19:18 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-12 18:41 - 2019-05-29 12:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-12 18:17 - 2020-03-05 22:18 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-12 18:17 - 2019-05-03 18:38 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Twitch
2021-07-12 17:52 - 2021-01-10 20:51 - 000000000 ____D C:\Users\kubec\AppData\Local\Overwolf
2021-07-11 14:43 - 2021-05-09 09:17 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-07-11 14:43 - 2021-01-10 20:52 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-07-11 14:43 - 2020-10-24 09:33 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1002
2021-07-11 14:43 - 2020-08-09 14:55 - 000003604 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556966806
2021-07-11 14:43 - 2020-08-09 14:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-07-11 14:43 - 2020-08-09 14:55 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1001
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-07-11 14:43 - 2020-08-09 14:55 - 000002790 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-07-11 14:43 - 2020-08-09 14:55 - 000002566 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-07-11 09:58 - 2019-10-12 11:42 - 000000000 ____D C:\Users\kubec\AppData\Local\CrashDumps
2021-07-11 09:58 - 2019-05-03 17:19 - 000000000 ___RD C:\Users\kubec\OneDrive
2021-07-11 09:57 - 2020-08-09 14:48 - 000002381 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-11 09:55 - 2020-06-10 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-10 11:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-08 18:46 - 2020-11-26 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\ProgramData\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\Program Files (x86)\Avira
2021-07-08 18:46 - 2019-05-03 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-07 20:33 - 2019-05-06 09:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-07 08:29 - 2021-01-10 20:52 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-07-02 07:27 - 2020-10-24 09:33 - 000000000 ___RD C:\Users\marke\OneDrive
2021-07-02 07:27 - 2020-10-24 09:32 - 000002365 _____ C:\Users\marke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-02 07:27 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke\AppData\Local\Packages
2021-07-02 07:06 - 2020-01-27 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 15:12 - 2019-11-28 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-06-27 10:36 - 2019-05-03 17:17 - 000000000 ____D C:\Users\kubec\AppData\Local\Packages
2021-06-25 18:22 - 2019-05-06 08:04 - 000000000 ____D C:\Users\kubec\AppData\Roaming\GHISLER
2021-06-25 14:36 - 2021-04-05 12:43 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-23 19:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-22 03:17 - 2020-07-17 14:51 - 007279232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-21 10:43 - 2020-07-17 14:51 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-20 10:51 - 2021-01-24 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-15 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2020-02-03 17:51 - 2020-03-29 18:38 - 000005120 _____ () C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-11 20:03 - 2019-11-11 20:03 - 000005539 _____ () C:\Users\kubec\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by tompson (15-07-2021 17:11:14)
Running from D:\nove
Windows 10 Home Version 2004 19041.1110 (X64) (2020-08-09 12:55:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2647824122-2969461199-3588900344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2647824122-2969461199-3588900344-503 - Limited - Disabled)
Guest (S-1-5-21-2647824122-2969461199-3588900344-501 - Limited - Disabled)
marke (S-1-5-21-2647824122-2969461199-3588900344-1002 - Limited - Enabled) => C:\Users\marke
tompson (S-1-5-21-2647824122-2969461199-3588900344-1001 - Administrator - Enabled) => C:\Users\kubec
WDAGUtilityAccount (S-1-5-21-2647824122-2969461199-3588900344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.51.20724 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Battle Chasers Nightwar (HKLM-x32\...\1345854066_is1) (Version: v.22997 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.1.1002 - BlueStack Systems, Inc.)
Citra (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{18cc945c-4224-43c6-816f-bfa84edfa023}) (Version: 1.0.0 - Citra Team)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.177.1.5 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648(a) - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Epic Battle Fantasy 5 version 1.2 (HKLM-x32\...\{6C18D3AF-52C5-4530-A64E-5359153BA9AB}_is1) (Version: 1.2 - DELiGHT 2018)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.66.5330 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
CheVolume (HKLM-x32\...\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}) (Version: 1.6.05 - WellWeWeb)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{F4F771E2-6E23-4F27-93E1-27C22C71B7E2}) (Version: 17.2.0.1009 - Intel Corporation)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Neverwinter Nights: Enhanced Edition (HKLM-x32\...\1097893768_is1) (Version: 82.8193.20.1 - GOG.com)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.27.147 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.27.147 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.174.0.10 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Path of Building Community) (Version: 1.4.170.16 - Path of Building Community)
PDF Converter V2.2.2.2 (HKLM-x32\...\{70098260-60F4-468D-B598-C410B616B4DF}_is1) (Version: 2.2.2.2 - Apowersoft LIMITED)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0624.061513 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Roblox Player for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-studio) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Spotify) (Version: 1.1.63.568.gda8cb5ac - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
The Incredible Adventures of Van Helsing - Final Cut (HKLM-x32\...\1448013298_is1) (Version: 1.1.0b (B) - GOG.com)
The Incredible Adventures of Van Helsing Final Cut - Textures DLC (HKLM-x32\...\1378339771_is1) (Version: 1.1.0b (B) - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
Tukui Client (HKLM-x32\...\{6F0A95E2-F08C-4E11-9BA3-287B3609AFC1}) (Version: 3.1.8 - Tukui)
Twitch (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WanezGD_Tools 0.5.4 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\116f95da-adc1-5db0-b937-03c8e4a18506) (Version: 0.5.4 - WareBare)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\ZoomUMX) (Version: 5.4.1 (58698.1027) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-14] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com
ShortcutWithArgument: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=nLM2WZ6xTCipawzZenMRKUoCzOAnOvmwJzuY2Ccipza0eftThbgLfipJgAAAKyHD2sie&click_id=3609fb26e7c0dd494b86064a330f10766549e7c9 --app-window-size=1920,1200

==================== Loaded Modules (Whitelisted) =============

2019-02-12 15:10 - 2019-02-12 15:10 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-07-13 19:15 - 2021-07-13 19:15 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\02be6f4737cf4f4fdbbac7847e7e1efc\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\kubec\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kubec\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\marke\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\B3-EU419_201908_GR_20190822110317.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{5D08E3EE-5002-42A6-B474-5E940F9F5D4E}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EB5E2BBB-DB44-4F70-9BE5-DFD2F9DDC098}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AF1D8F9-D4E2-462D-B11F-BF5DC2EE39EF}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{3C350ADD-9121-49F3-8AF2-B07BA32BEA0B}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{C4A9F1B4-B365-42D3-ACA8-3EE6DF4FBD59}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{FADC3BC4-2E96-4F0C-8607-84BAB07AB636}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{0469797D-3E23-481C-AEBA-B41A9026E7CB}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E3713DF2-5110-4D53-B330-61FF77DAB2C2}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{58A60E48-27C8-4264-9F2A-EFAB0FEB7774}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{E250C465-2FA9-49F8-B596-4A8D6ADDAADF}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{C4922408-C790-438C-BE49-568662FB993D}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{1CFE089C-32BB-4FDE-B177-345D9354135F}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [UDP Query User{27F31026-C33B-41B7-BE23-048FA6DB8ACE}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{16EB6A13-5F92-40D6-A5AB-3F9FD6CF2920}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [{30324906-B306-4CD7-8D05-1D726043116B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6BAC5FF-B315-49F2-A88A-7BB77E47983A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3E538BBA-4787-49A0-8412-6059DEE3AEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EC8ACBE-B186-44FF-A5ED-FBE55FC7E3AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD47FD1F-F344-4078-B288-92BBC8C3751A}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{206E021E-CDDA-4FB6-950E-BCFF04365090}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C640C16F-E851-408D-8BBD-178F89B58748}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F7BF3426-BF31-4393-9D58-7617F9423DF3}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5DA3498-EF43-4A8E-AA26-3E59D01F3ED0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFAA7608-B2FD-4B27-A59D-B3210C38A17F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{12BC2AF7-73A3-4FC9-9C34-1B5303A3C679}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [UDP Query User{5B8B6133-BCDB-4134-9E39-72C1F78F9226}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [{CABE9F6F-7AAC-47E3-BF66-98A9DCA33593}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EBB3EB19-D96A-4D63-B6E2-46A5C269A766}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{125A0FE1-3028-47EE-BE41-B84938E5A93D}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [UDP Query User{63A58723-42D8-4013-85EF-55D72A6D9696}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [{A57DCFCB-FE0A-4F2E-81AC-7016B7D2B040}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8DE71E50-1000-4F00-B0C8-E638E61EA5C4}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{9E00C742-5011-42E0-B980-69EFFE0CF7FC}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [UDP Query User{8C625256-822C-48A9-BE28-1947711D84DF}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [{B690A6FD-C344-4A5C-AABA-7055CF633869}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{6FD3D4AC-3898-4C82-B764-6467EA906E14}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{D9201623-0BC1-4A39-9162-496D5F2BB8C9}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{121C246A-237A-4730-92E0-DD10308A2FD0}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{D2DA7910-F781-4171-BD11-3B94CC4C6DC9}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{AEEA6BDB-4C80-43F6-8AA0-99658F26E30F}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{148117B1-4655-46FA-9FAE-08C6C3E7C1B7}] => (Allow) C:\Users\kubec\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F52ED7F7-40BD-4B15-89EA-70D9F937A24B}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{3DCB1B60-E1C9-445A-94FE-92FC4868DCCB}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [{AD89F761-613B-4F22-8C1B-88D506C82884}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{9A9BA4AA-6FE3-46B0-97F4-070F86531F92}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{F6BD02E1-603B-4CBD-9A2F-668B49C1E7A5}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{8C26BC4A-69C5-48BE-8245-5B196B2A6C4D}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{86CC1389-E05A-4AAE-9317-B4E94682F27A}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{E8E4B291-3663-4A2C-AE31-D6F92889BD33}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{4115E062-B48E-485B-9DE4-7698B174B1C2}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{DCD440D9-4035-431F-85DD-E2541A4A4ADB}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{89D1FA3D-CF55-4431-A2DC-4EBF58FA954A}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{A327F79E-7858-4D1F-8F0E-5CAB19D04315}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{F27520A0-14E5-4CE0-A8E6-719DF9EAF730}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86334CC4-A902-4C27-B992-4E00C876E31B}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8D2109E4-472A-44AA-881B-9B80D562E403}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{21F09EFE-A5F3-456F-8451-59CA49C2FCB6}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{18836B7A-A00D-4BDF-80F7-7F59D237FEBA}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{33C8E280-D1FA-436D-BA75-B134B70C9FC2}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [TCP Query User{4B795619-294D-4DEF-8680-42B927BB18CA}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [UDP Query User{E5779B1D-6124-4222-82BD-276015C2F70F}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [{C7211A0A-8F5E-41D0-BA17-897115D46C2A}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{2BCEA1FC-2D44-4F5F-A7BF-05459555D43F}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48664137-17ED-4062-84CF-6DB9F382E9A2}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{DD00D445-F6F7-4751-90B3-9F03A2779C6C}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{B86EBDA8-1A42-427C-B2B4-1D9EBF7D610D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{539E967B-F31C-458F-9DAD-D621992CABF2}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{516B5FF2-27F5-4847-86FC-BBAF75C99B91}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{032DC7D4-0FE3-42AB-B99D-46DB74D702AB}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{166FE3F4-9C5B-4F87-ACA1-57D30B48785D}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{95F8CEBE-05C2-45BD-900B-15F530EEFB8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{436D4BF6-0EC1-4BE2-BE58-9B9CABF1DB77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCF6DDDF-785F-4EF5-9C92-014698E4C526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B71A4080-9EC4-4784-A151-784070174188}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{647518C2-56FF-4393-9942-67E2A0C2E994}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{603CB4FF-551B-48D1-AACA-83980243BF04}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C90F95C3-5FC2-4F6D-8A4E-D0CC4696DD07}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{377258F7-FB9C-4C72-9EEF-B74291D325BC}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FA5A998A-B2D9-46C4-9E72-3DA00C3D572C}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D9331DFD-EF19-4543-AE85-A4269FB333D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BED68357-DE7D-4CB5-BE45-CD90BE2A3D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5BBE44A5-93C7-431D-95F5-A3825DC1681C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF4165DE-8320-49C5-BFE9-C4AC139A34B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FE7016B-3C5F-4634-87C3-AF3B0CAFA1BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D47E0CCD-2F19-4F05-8EA0-A57D9C8629F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{435BB392-1E41-4360-9090-A9F5F9F0F2C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD8CCB68-63DA-4E9B-A84E-2665F14B83E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09D2A113-FCD2-4082-B71C-CF0F1F6A47F5}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{47B4EE07-AFB9-482C-B6B0-6536E71A973A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E9D89E81-A0B5-432E-98AD-3DA2250F0389}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

06-07-2021 21:16:23 Naplánovaný kontrolní bod
12-07-2021 21:38:17 Instalační služba modulů systému Windows
14-07-2021 14:16:18 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/15/2021 05:07:06 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 05:07:04 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 05:06:53 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci z důvodu následující chyby: Operace byla dokončena úspěšně. 0x0.

Error: (07/15/2021 05:06:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (07/15/2021 05:06:52 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Error: (07/15/2021 04:52:15 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 11:53:36 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.

Error: (07/15/2021 11:53:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).


System errors:
=============
Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avira Optimizer Host byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/15/2021 04:51:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2021 04:51:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Security byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2021-07-12 18:11:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-07-12 17:49:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1402 04/03/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B360-PLUS
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 35%
Total physical RAM: 16306.59 MB
Available physical RAM: 10484.2 MB
Total Virtual: 18738.59 MB
Available Virtual: 11509.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.21 GB) (Free:106.96 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:24.86 GB) NTFS

\\?\Volume{0a03630f-0343-4858-8334-9ca09d672284}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ec3e820e-d363-4565-9829-e5be1dad7923}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS
\\?\Volume{2f124f43-86f5-4a86-8ba5-36a7bb481e08}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1CF38A4F)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 65894539)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
U3 aswbdisk; no ImagePath
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File

EmptyTemp:
End
Uložte do D:\nove jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#7 Příspěvek od tomX »

Zde přikládám log z FIXu:


Fix result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by tompson (15-07-2021 19:08:23) Run:1
Running from D:\nove
Loaded Profiles: tompson & marke
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
U3 aswbdisk; no ImagePath
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4392E72-41B8-479A-99B0-00E3812F1DB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4392E72-41B8-479A-99B0-00E3812F1DB4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C45C110D-6004-4FB5-B817-AC8E6A5F3805}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C45C110D-6004-4FB5-B817-AC8E6A5F3805}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14918876 B
Java, Flash, Steam htmlcache => 294267445 B
Windows/system/drivers => 15840123 B
Edge => 12637091 B
Chrome => 2022353964 B
Firefox => 0 B
Opera => 13405068 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 343870 B
NetworkService => 343870 B
kubec => 30072936 B
marke => 149765497 B

RecycleBin => 106048268 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-07-2021 19:15:03)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:15:03 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#9 Příspěvek od tomX »

Děkuji prozatím za rady, vypínám PC a později dám vědět...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#10 Příspěvek od Rudy »

OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#11 Příspěvek od tomX »

Bohužel problém přetrvává. Dnes ráno při zapnutí PC zas stejný problém pět minut jsem koukal na problikávající diodu, pak jsem resetoval a už to načetlo windowsy během 5 sekund. Nejde mi do hlavy proč to dělá jen když windowsy zapínám po delší nečinnosti (v řádech hodin). Protože když se potom načtou, mohu je restartovat, vypínat jak chci a problém žádný nenastane...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#12 Příspěvek od Rudy »

Jek velký máte adresář windows\>uživatel<\plocha?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#13 Příspěvek od tomX »

27,3 MB

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zdlouhavé načítání PC

#14 Příspěvek od Rudy »

To je OK. Do příkazového řádku napište:
msconfig
a odentrujte.

V otevřeném okně na záložkách "Po spuštění" a "Služby" odstraňte zatržítko u všech ne-mocrosoftích položek (s vyjímkou ovladačů a antiviru). Nastavení uložte a restartujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tomX
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 23 říj 2006 17:02

Re: Zdlouhavé načítání PC

#15 Příspěvek od tomX »

To jsem už provedl jako první věc (ještě před napsáním na toto forum), zapnuté mám jen vše od MSoftu, razer - myš, AVir, MWbytes a realtek HD - zvuk

Zamčeno