Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o kontrolu logu, pomalý pc

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Happygirl.
Návštěvník
Návštěvník
Příspěvky: 60
Registrován: 01 srp 2006 11:54

prosím o kontrolu logu, pomalý pc

#1 Příspěvek od Happygirl. »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by happy (administrator) on DESKTOP-VN3NLC3 (Dell Inc. Inspiron 7559) (28-05-2021 14:31:38)
Running from C:\Users\happy\Downloads
Loaded Profiles: happy
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.307\Discord.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\happy\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Registry Crawler] => C:\Program Files (x86)\RCrawler\rcrawler.exe [454656 2003-02-10] (4Developers LLC) [File not signed]
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Gaijin.Net Agent] => C:\Users\happy\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Discord] => C:\Users\happy\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2142544 2021-05-13] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [EpicGamesLauncher] => C:\Lucka a Vojta\Hry\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32350096 2020-07-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-05-13] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {d15213aa-908e-11eb-9ff3-20474779c9e7} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {e69e809a-8b5c-11e8-9f89-ac2b6e046621} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-11-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MediaProSoft Free MP3 Cutter Update.lnk [2020-01-26]
ShortcutTarget: MediaProSoft Free MP3 Cutter Update.lnk -> C:\Program Files (x86)\MediaProSoft Free MP3 Cutter\MediaProSoft Free MP3 Cutter Update.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C98BAF9-989C-4E0D-89EF-8E0DEFA31102} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {105C7031-96EB-45A5-8F78-345D6BEC0A0D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {13ED99FB-29D8-4273-91AF-0B8A698E920E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17452703-A9F8-4E35-BD3D-E0572AAF18AE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {17767234-39B8-4E82-AE39-B517646164D2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2208E281-AC5B-4EDB-8877-1F8D8D2D79FD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {34926837-3D74-4A36-88AA-A9C6428FB20C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114032 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {35D56363-D1B3-4E42-A2C0-104691DE7B57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {3A7F6C54-DE50-4FA5-A6DD-2FBA1D3BC639} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4272A81E-5642-49BB-80B9-AF0FDCDDA14F} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {479A3317-93DA-44E4-AE8B-5936030E3317} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {4B6F06A2-CF92-4F75-857E-9F4723C42E9E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4BD5A9CF-F695-4F53-8880-6830A59C1D9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E99D361-55EE-476C-B19B-41B100F8137A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5786F9CC-BE9B-420E-9AFC-8457029C37DF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {58568838-A68B-4754-B5C1-6889E72CA314} - System32\Tasks\{F86B0FE1-88B0-498B-AE28-5D6B11938544} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\EAWXLauncher.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption"
Task: {5F6C40D3-AEE6-4A74-B2CE-36E1C027C7BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {63D9E64F-4E06-448E-A7CD-5BCC302A1D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64BDB339-4211-442F-AAAF-EA40A1928102} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {67730D5E-4E4A-4AA3-859A-4CCD67BBBC71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {688FA1A2-37AE-4D6B-96F8-9310861814E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {805F7E0A-7498-4A03-BCD4-773600F17BA8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {843518C5-1741-40FF-B9AF-F90129826387} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {88563C28-5429-4166-B035-882C8629DC8E} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4165B2F-311D-4928-A504-9185C8FFDEF8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B42B5836-1C16-44DB-B064-DA31F0848E4E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3392D09-A7FE-4F90-B93D-289B17239D7B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D158911F-1D56-44BF-823A-D11FC0DAC24B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E20652D7-60C9-4273-B4FA-E08DE061942D} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {E6B79FA3-BB39-495A-BF56-326E4D31490B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC4534B4-7E15-44A6-B06F-ACF2EA6B968F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC74BD92-21C8-4679-AD52-B450A2ECA4AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F30A3D78-8464-4ADC-99BB-66106088A42F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f40245d1-e6c2-44c7-b78b-0d94a75330c3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe213b89-97a3-46d9-93f8-974e5d0c1b3c}: [DhcpNameServer] 192.168.1.1 52.102.23.208

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\happy\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-28]

FireFox:
========
FF DefaultProfile: 5siqylig.default
FF ProfilePath: C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default [2021-05-28]
FF user.js: detected! => C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\user.js [2019-10-24]
FF Homepage: Mozilla\Firefox\Profiles\5siqylig.default -> www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5siqylig.default -> hxxps://www.emimino.cz; hxxps://www.freefilm.to
FF NewTabOverride: Mozilla\Firefox\Profiles\5siqylig.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\5siqylig.default -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\5siqylig.default -> Enabled: google@search.mozilla.org
FF Extension: (Seznam doplněk - Esko) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\sko-extension@firma.seznam.cz.xpi [2020-04-28]
FF Extension: (Seznam doplněk - Email) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2020-06-02]
FF Extension: (No Name) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3194984547-3803563659-1041652947-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\happy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default [2021-05-28]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cz.pinterest.com; hxxps://firstclass.cz; hxxps://www.dobre-knihy.cz; hxxps://www.eva.cz; hxxps://www.exasoft.cz; hxxps://www.facebook.com; hxxps://www.feedo.cz; hxxps://www.kupi.cz; hxxps://www.megaknihy.cz; hxxps://www.reddit.com; hxxps://www.viry.cz
CHR Extension: (Prezentace) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-09]
CHR Extension: (Dokumenty) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-09]
CHR Extension: (Disk Google) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-11]
CHR Extension: (Tabulky) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-10] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-05-13] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-05-13] (GOG Sp. z o.o. -> GOG.com)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 MpKsl62283098; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B4A53BE6-7B38-42B8-ADD4-118DA179FC59}\MpKslDrv.sys [47336 2021-05-28] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-28 14:29 - 2021-05-28 14:29 - 002299904 _____ (Farbar) C:\Users\happy\Downloads\FRST64 (1).exe
2021-05-28 14:17 - 2021-05-28 14:17 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WpdUpFltr.winsecurity
2021-05-28 14:15 - 2021-05-28 14:15 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WppRecorder.winsecurity
2021-05-28 11:40 - 2021-05-28 11:40 - 000024968 _____ (Dell) C:\WINDOWS\system32\Drivers\DBUtilDrv2.sys
2021-05-28 11:39 - 2021-05-28 11:39 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-27 20:46 - 2021-05-27 21:03 - 1566179328 _____ C:\Users\happy\Downloads\Pro par dolaru na vic.avi
2021-05-27 20:43 - 2021-05-27 20:51 - 1520955392 _____ C:\Users\happy\Downloads\Rychlejší než smrt - 1995 - western, dobrodružný, akční.avi
2021-05-26 18:28 - 2021-05-26 21:18 - 368641681 _____ C:\Users\happy\Downloads\Pomstitel - The Punisher BRrip FullHD CZ-EN 1989 PHDTeam.mkv
2021-05-26 18:26 - 2021-05-26 18:49 - 2905510491 _____ C:\Users\happy\Downloads\Hartova válka.mkv
2021-05-26 18:24 - 2021-05-26 18:26 - 000000000 ____D C:\Users\happy\Downloads\Helloween - Skyfall (2021)[FLAC]
2021-05-26 00:35 - 2021-05-26 11:54 - 000000000 ____D C:\Users\happy\Downloads\The.Unholy.2021.1080p.AMZN.WEBRip.DDP5.1.x264-CM
2021-05-25 21:14 - 2021-05-25 21:15 - 000000000 ____D C:\Users\happy\Downloads\Odkaz-mrtveho-kata-SE
2021-05-24 11:52 - 2021-05-24 11:52 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3194984547-3803563659-1041652947-1001
2021-05-24 11:52 - 2021-05-24 11:52 - 000002367 _____ C:\Users\happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 13:11 - 2021-05-23 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-05-21 18:32 - 2021-05-21 22:15 - 4036675189 _____ C:\Users\happy\Downloads\Sociálni.dilema-The.Social.Dilemma.2020.1080p.WEB-DL.H264.DDP5.1.CZ.TITULKY-FCKR.mkv
2021-05-19 18:52 - 2021-05-19 18:52 - 000000000 ____D C:\WINDOWS\{EA4B87AA-8175-432D-971B-FC98C34C9AA2}
2021-05-15 12:50 - 2021-05-15 13:35 - 829592668 _____ C:\Users\happy\Downloads\Čas vlků - drama (2003) slov.titulky.avi
2021-05-13 20:19 - 2021-05-13 20:19 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-13 04:33 - 2021-05-13 04:33 - 000001434 _____ C:\Users\Public\Desktop\Gwent.lnk
2021-05-13 04:11 - 2021-05-28 11:39 - 000000004 ____H C:\ProgramData\cm-lock
2021-05-12 06:27 - 2021-05-12 06:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 06:27 - 2021-05-12 06:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 06:27 - 2021-05-12 06:27 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 06:27 - 2021-05-12 06:27 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 06:27 - 2021-05-12 06:27 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 06:27 - 2021-05-12 06:27 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 06:26 - 2021-05-12 06:26 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 06:26 - 2021-05-12 06:26 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 06:26 - 2021-05-12 06:26 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 06:26 - 2021-05-12 06:26 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 06:26 - 2021-05-12 06:26 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 06:25 - 2021-05-12 06:25 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-11 00:36 - 2021-05-11 00:37 - 000000000 ____D C:\Users\happy\Downloads\Warcraft.2016.BDRip.XviD.AC3.CZ.H96
2021-05-08 23:15 - 2021-05-08 23:30 - 4196000978 _____ C:\Users\happy\Downloads\Vikingové ∕ The 13th Warrior (1999)(CZ∕EN)[1080p].mkv
2021-05-08 12:40 - 2021-05-08 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-07 15:52 - 2021-05-07 15:54 - 000000000 ____D C:\Users\happy\Downloads\Kouzla a nebezpeci skandinavske zimy

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-28 14:33 - 2020-01-16 09:35 - 000027273 _____ C:\Users\happy\Downloads\FRST.txt
2021-05-28 14:32 - 2020-01-16 09:34 - 000000000 ____D C:\FRST
2021-05-28 14:20 - 2020-06-25 02:37 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C1844AD1-73FA-4795-BF6E-7E2C7A7A5AED}
2021-05-28 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-28 14:18 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-28 14:17 - 2017-10-09 11:58 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-28 14:15 - 2018-04-20 20:08 - 000000000 ____D C:\Program Files\CCleaner
2021-05-28 14:14 - 2020-06-25 02:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-28 11:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-28 11:44 - 2019-09-16 14:39 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2021-05-28 11:43 - 2020-06-25 02:21 - 001693350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-28 11:43 - 2019-12-07 16:41 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-28 11:43 - 2019-12-07 16:41 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-28 11:43 - 2016-05-07 16:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-28 11:38 - 2019-09-15 10:45 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-28 11:36 - 2020-06-25 02:10 - 000000000 ____D C:\Users\happy
2021-05-28 11:36 - 2019-06-21 10:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-28 11:36 - 2016-11-08 18:24 - 000000000 __SHD C:\Users\happy\IntelGraphicsProfiles
2021-05-28 11:35 - 2020-06-25 02:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-28 11:35 - 2020-06-25 02:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-28 11:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-27 21:33 - 2016-11-08 18:47 - 000000000 ____D C:\Users\happy\AppData\Roaming\uTorrent
2021-05-27 20:49 - 2019-02-05 20:44 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-27 20:49 - 2016-11-18 11:30 - 000000000 ____D C:\Users\happy\AppData\LocalLow\Mozilla
2021-05-27 09:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 23:18 - 2016-11-08 18:43 - 000000000 ____D C:\Users\happy\AppData\Local\Battle.net
2021-05-24 11:52 - 2016-11-08 18:27 - 000000000 ___RD C:\Users\happy\OneDrive
2021-05-23 13:11 - 2016-05-07 16:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-23 12:09 - 2020-06-04 23:50 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-23 12:09 - 2020-06-04 23:50 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-15 21:56 - 2019-07-10 13:12 - 000000000 ____D C:\Users\happy\AppData\Roaming\DominiGames
2021-05-14 21:28 - 2018-02-14 23:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 13:03 - 2016-11-08 18:43 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-05-13 04:33 - 2019-09-16 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2021-05-13 04:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-13 04:08 - 2020-06-25 02:04 - 000445000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 04:08 - 2018-07-07 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-05-13 04:08 - 2016-11-08 18:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-13 04:07 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 04:05 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 04:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 00:46 - 2019-06-09 08:55 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 00:46 - 2019-06-09 08:55 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-12 06:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 05:53 - 2016-11-09 22:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 05:50 - 2016-11-09 22:04 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-08 12:39 - 2016-11-08 18:38 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by happy (28-05-2021 14:35:19)
Running from C:\Users\happy\Downloads
Windows 10 Home Version 2004 19041.985 (X64) (2020-06-25 00:38:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3194984547-3803563659-1041652947-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3194984547-3803563659-1041652947-503 - Limited - Disabled)
Guest (S-1-5-21-3194984547-3803563659-1041652947-501 - Limited - Disabled)
happy (S-1-5-21-3194984547-3803563659-1041652947-1001 - Administrator - Enabled) => C:\Users\happy
WDAGUtilityAccount (S-1-5-21-3194984547-3803563659-1041652947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.5.0.9 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Bulk Image Downloader v5.76.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: 5.76 - Antibody Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Company of Heroes 2 Master Collection (HKLM-x32\...\Company of Heroes 2 Master Collection_is1) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.2.0 - Dell Inc.)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Emperor: Battle For Dune (HKLM-x32\...\Emperor) (Version: - )
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Gwent (HKLM-x32\...\1971477531_is1) (Version: 8.5 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
inst (HKLM-x32\...\{92FADD51-71F3-4B70-BD12-823CA7B124FC}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6859 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMPlayer (HKLM\...\The KMPlayer) (Version: 4.2.2.36 - PandoraTV)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.51 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
MediaProSoft Free MP3 Cutter 8.8.2.4 (HKLM-x32\...\MediaProSoft Free MP3 Cutter_is1) (Version: - MediaProSoft Co., Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 88.0.1.7794 - Mozilla)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Quake Ultimate Complete Collection (HKLM-x32\...\{2B2FBD25-F0E0-412B-8DA8-ECCA2DA53673}_is1) (Version: 1.0 - RAF)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
Registry Crawler (HKLM-x32\...\Registry Crawler) (Version: - )
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Unity Web Player (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Wargaming.net Game Center) (Version: 21.2.2.4998 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
XPort 360 (HKLM-x32\...\XPort 360_is1) (Version: - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.193.200.0_x86__kgqvnymyfvs32 [2021-05-16] (king.com)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.8.0_x64__htrsf667h5kn2 [2020-02-07] (Dell Inc)
Doc Viewer -> C:\Program Files\WindowsApps\BallardAppCraftery.DocViewer_1.2.8.0_x64__epyrqhfctk40t [2020-03-10] (Ballard App Craftery)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-25] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxDTCM.dll [2019-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [9216 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-04 13:10 - 2018-12-04 13:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [2304]
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\Users\All Users:gs5sys [2304]
AlternateDataStreams: C:\Users\happy:gs5sys [2816]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [2304]
AlternateDataStreams: C:\Users\happy\Data aplikací:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\Local Settings:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\Soubory cookie:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\Šablony:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\Desktop\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\AppData\Local:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\AppData\Roaming:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\AppData\Local\Data aplikací:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\AppData\Local\History:gs5sys [2816]
AlternateDataStreams: C:\Users\happy\Documents\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2816]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {5AD4EAF7-ADB4-4990-9C8B-B6E656861392} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6A5F57E3-6833-4AA9-A2A1-1B3865842FD6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6DDEEB81-301A-40EF-8F81-42E42F7FDF6D} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {872204F4-C541-4B21-8C99-EFED63809935} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {A9656854-D882-4EC4-9DB3-4373B88CCAB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {B27136B1-056E-4D10-B2F5-2C429E99970A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {DA5854A3-F446-4A92-BB10-FAEEB3DB9264} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EC40C161-62E7-47AB-95EB-446CB09EE24C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EFCBF75C-6505-4D99-8ED4-DE4618BEABD8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\happy\Downloads\the-mandalorian-season-2-tv-series-2020-3840x2160-2765.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C8FDACDF-74F0-4136-A84E-D3706A1E7AB9}C:\program files\epic games\borderlands2\binaries\win32\borderlands2.exe] => (Allow) C:\program files\epic games\borderlands2\binaries\win32\borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{F142519B-D134-498A-B866-440EECF053E1}C:\program files\epic games\borderlands2\binaries\win32\borderlands2.exe] => (Allow) C:\program files\epic games\borderlands2\binaries\win32\borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{3F1C7E5B-C3DD-479E-B2BB-4441D50BCBD5}C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [TCP Query User{722709EF-84B5-4958-A6DF-B9BFFD49265C}C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files\epic games\borderlandsthepresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [UDP Query User{F7E8FAE2-F4E9-4A36-9283-A0B29C15B52F}C:\lucka a vojta\hry\heroes of the storm\versions\base79515\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base79515\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{5C044088-4841-42F3-BD35-61533BCA4C87}C:\lucka a vojta\hry\heroes of the storm\versions\base79515\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base79515\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{1C784951-DC4C-415B-A9E8-26A023DC29A0}C:\program files (x86)\company of heroes 2 master collection\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2 master collection\reliccoh2.exe (Relic Entertainment, Inc. -> Relic Entertainment Inc.)
FirewallRules: [TCP Query User{472BA1D0-3796-4201-94D8-02BB7A555E4D}C:\program files (x86)\company of heroes 2 master collection\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2 master collection\reliccoh2.exe (Relic Entertainment, Inc. -> Relic Entertainment Inc.)
FirewallRules: [UDP Query User{F4824C44-8742-4CE8-A2B2-81893609790D}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D2295E94-DAC9-4529-A8A5-B1FF51FC43DA}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{41147FCD-04D3-4116-A096-7FEA9E2A0A8F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3BEEDBC6-208A-448D-9AD1-A9557C5BF5D5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8EEFFC11-7C43-4CED-ACFF-F26FD73BD941}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{19E5DCD7-E595-4DA9-B9EF-B0AB94131114}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User{510FF57B-DA67-4469-883B-796340D6C8B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FECB2A2-DE10-452B-8702-3E7778E96413}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A3F3AEF4-ED41-42BF-8B0C-0EF0BF898510}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1E28B447-3A8F-4ECA-8D54-9D1CCABCFE11}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{828BBD9D-FC9E-4A28-A6FD-BB8348C56DF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9883A66-64C2-4716-901D-2418D0D596D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{02BB1F35-3F03-4EB7-9510-B341B7AF4B73}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{51289B7D-59D1-418A-82A8-EE068BC5694F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{3273B63C-247E-48FD-AE02-0E78AD88014C}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{B4AB33A3-1C33-42E5-8FE1-305855820036}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{8B53A1E4-0A1E-4888-92CB-10197111D025}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{B1E0CA67-2FDC-4F5F-A8BA-DC2136ACF90C}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{3D304C28-3B20-419D-AC00-EEF104EB9B28}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{3C0BC6BF-6D25-4638-B111-582DB6F549C2}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{D49D5889-CD2B-4F99-9347-1F09C288C91C}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{C79DC3F4-830D-48C3-A4E9-5EC83296D101}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{07BE5AAD-FBF4-4F77-AB2C-100544563E90}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{C997B72A-68FE-47E7-A1FB-7FF3887D1E96}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{F65B63BC-C058-460E-A280-4A38CB6DC81E}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [UDP Query User{43F9D559-F6F0-4A22-B879-F492A3CECAC7}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [TCP Query User{C5DD5283-F781-4AE8-A4C9-0DA78272C235}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A36C4D9C-4DDC-4C6B-BF4B-1D43ECC1D201}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{41703056-1397-40F9-9A57-BEA35816FA79}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{807E300A-5E1E-4D3A-A2F1-A73FE10CB57E}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{61C8C291-7432-4E75-A679-22A9DA6E5528}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{15F15818-DAA0-4DD5-87E7-E46683AB77AB}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [{D3302B2A-3BEF-4D96-BBFB-5EE01144ED2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{70036E8F-72BA-4837-A2CD-BDDA99899E97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2DF164F9-B261-452B-852C-4DFEF92D7073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9651EAC3-C986-46D5-93BB-15F02F4B17D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EF66B6F-7A14-461D-8F55-7368DB367E49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{697999D5-F47F-4B37-BD1B-5F1417787C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB502703-C2DA-439A-9231-2F737578F33E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48FEDFF2-17EB-4DD3-AEFB-CB4566459111}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E25AD6C8-C429-4571-9A9E-B75BD34EC2CA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7691238E-3212-47B0-86DE-97BCA8693D57}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AAAAB79A-FD8D-4E8A-883C-FCE0D302D86D}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{32FD88A1-E969-4E98-9CDA-7CCC97CF3B82}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B52E34CD-AB68-4645-8745-F32D26D7CC58}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AB373121-36D0-4D11-84A6-36279BCF56E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5B4BE09F-89C4-41A1-96F2-D50AAF33C9AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{25153682-9668-4C94-B272-2EA85BBFDB2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4EB3A9B7-705C-45E8-B30F-642D1A8E23BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FE7D6F0-805D-4152-83D5-BF0AC304F47C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D059A24-47D6-4322-8D0A-1869FDBD0184}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF1AE512-F7B2-4ECF-AEB1-02A5F3A590B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1013C1D0-2344-4BA7-912F-DF5F9BED85C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1828ECE-2198-43A2-A879-323CD029D6E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{77E7E37D-B9FC-48BB-AFD5-CD260F6E7911}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

28-05-2021 11:42:24 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/28/2021 11:43:58 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (05/28/2021 11:42:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (05/28/2021 11:36:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 21.40.1.0, časové razítko: 0x5d5acacb
Název chybujícího modulu: RPCRT4.dll, verze: 10.0.19041.928, časové razítko: 0x4c237b59
Kód výjimky: 0xc0020043
Posun chyby: 0x00000000000a93c4
ID chybujícího procesu: 0xb9c
Čas spuštění chybující aplikace: 0x01d753a4d7bad103
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\RPCRT4.dll
ID zprávy: b90e9aff-50b0-4fc1-ae74-95e8b7650aa9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/28/2021 11:18:22 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 1321865892 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (05/28/2021 11:17:43 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 1321827057 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (05/27/2021 09:33:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x3a68
Čas spuštění chybující aplikace: 0x01d753282d5c9d73
Cesta k chybující aplikaci: C:\Users\happy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: c244328a-1976-4bc6-acd0-c04e9b4c0b4b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/27/2021 12:39:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x2ef8
Čas spuštění chybující aplikace: 0x01d752e253df5f8f
Cesta k chybující aplikaci: C:\Users\happy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 4b36ae52-8953-4776-8ac4-f13ea306bfbd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/27/2021 11:41:18 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 1236841547 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


System errors:
=============
Error: (05/28/2021 11:36:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/28/2021 11:35:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:18:22, ‎28.‎05.‎2021) bylo neočekávané.

Error: (05/28/2021 01:27:00 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/25/2021 09:19:56 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/23/2021 12:02:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070050): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.339.1255.0).

Error: (05/21/2021 03:13:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/20/2021 09:00:37 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (05/20/2021 01:09:04 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error


Windows Defender:
================
Date: 2021-05-28 14:28:12
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Wacapew.C!ml
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\happy\Downloads\FRST.exe; webfile:_C:\Users\happy\Downloads\FRST.exe|https://download.bleepingcomputer.com/d ... 4894352676
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: DESKTOP-VN3NLC3\happy
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1559.0, AS: 1.339.1559.0, NIS: 1.339.1559.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-28 00:30:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1ADA3C53-4A77-42E3-9430-0D00A23844DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-26 22:58:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37309352-A40F-4D61-BE4E-7E3B7162FD60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-26 01:28:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2C77DD5C-CD2B-4DC1-829D-AB4021B5BB8D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-25 23:28:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5B4AC3FD-BE43-4DB1-8848-1D0A2FC62D92}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-23 12:02:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.339.1178.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070050
Popis chyby: Soubor existuje.

Date: 2021-05-06 18:01:14
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.684.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

Date: 2021-05-06 18:01:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.73.0
Předchozí verze bezpečnostních informací: 1.337.684.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-06 18:01:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.73.0
Předchozí verze bezpečnostních informací: 1.337.684.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-06 18:01:11
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===============
Date: 2020-07-08 16:32:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.2.9 09/03/2018
Motherboard: Dell Inc. 0H0CC0
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 55%
Total physical RAM: 8051.59 MB
Available physical RAM: 3561.86 MB
Total Virtual: 11891.59 MB
Available Virtual: 6969.06 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.84 GB) (Free:23.64 GB) NTFS

\\?\Volume{e24dff12-f291-4d3c-9d2c-391c050a83e9}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
\\?\Volume{0a582a44-53a5-416e-bcb2-e14c86d6142c}\ (Image) (Fixed) (Total:11.22 GB) (Free:0.66 GB) NTFS
\\?\Volume{ef412d29-5c2a-4a99-b5f8-660915e87131}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1FB38DFA)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: prosím o kontrolu logu, pomalý pc

#2 Příspěvek od JaRon »

Ahoj
vycisti PC s MBAM
vycisti registre s CCleanerom
skontroluj velkost adresara desktop
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět