Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalené PC - Děkuji za pomoc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Zpomalené PC - Děkuji za pomoc

#1 Příspěvek od ave007 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by PC (administrator) on DESKTOP-3N07L5T (08-01-2021 09:07:09)
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TEFINCOM S.A. -> ) D:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-02] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97703592 2020-02-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [${_APP_NAME}] => D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32762440 2021-01-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [NordVPN] => D:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-05-02]
ShortcutTarget: CheVolume.lnk -> D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-12-18]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FFBEB6-4DA5-4F39-8F0B-AAB139E905DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {20DBED21-5151-4335-B73D-6E1E821680B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EA66AC4-9D96-43DC-97F5-788DF6511AE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A25387-5DAC-4927-AC0E-D5D68AAC24EB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D3D13E8-81F8-4F07-8BFD-3206DC7D4564} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {5484845F-D67B-45DE-B013-B04FCACAC304} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C58382E-E9C8-4458-B7ED-000E3798642A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {615F0DB0-D123-46E1-B889-283DF4C212C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {624D03F5-6285-491F-A14A-2A82FFB522B0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {71F4B82E-7A79-41FC-B97D-EC8624FE1D81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {807E8A7E-041A-45D2-A694-481FBC938881} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A20C42BE-424E-4A51-9705-CE9B6EF2F6AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A323B995-E4EC-49D8-A1A0-438557D90EB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC3ACC02-D5A0-4715-BE3D-911E40B63F9A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-30] (Adobe Inc. -> Adobe)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {CD4FAC08-D429-4EC7-950A-034FDBB90A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CF85638D-3A8C-4401-A5F9-53A629A54AFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7F25BDC-65CF-449A-800A-15F263C5E640} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAF29880-C928-4D8C-B0AA-BE88F8068071} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F3123CDC-9C8A-4A54-849A-4C141D73842C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8D29B52-4B9F-49DA-B16F-444E97E63BB5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e133736-f63e-4bf6-b314-b6da0d61e04a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\akhav\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-31]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default [2021-01-08]
CHR Extension: (Překladač Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-02]
CHR Extension: (Prezentace) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-02]
CHR Extension: (Dokumenty) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-02]
CHR Extension: (Disk Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-15]
CHR Extension: (YouTube) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-02]
CHR Extension: (Zeus - Degiro Portfolio Manager) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckgeffpapoiemciaenjgbelealaekgic [2020-12-16]
CHR Extension: (Tabulky) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-02]
CHR Extension: (Gmail) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 nordvpn-service; D:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-07-11] (Twitch Interactive, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [44712 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 09:06 - 2021-01-08 09:07 - 000000000 ____D C:\FRST
2021-01-07 23:29 - 2021-01-07 23:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-07 23:28 - 2020-12-31 15:03 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-03 11:22 - 2021-01-03 11:22 - 000000000 ____D C:\Users\akhav\AppData\Roaming\Macromedia
2020-12-30 20:02 - 2020-12-30 20:02 - 000004608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-30 20:01 - 2020-12-30 20:02 - 000000000 ____D C:\Users\akhav\AppData\Local\Adobe
2020-12-18 16:31 - 2021-01-07 17:55 - 000000000 ____D C:\Users\akhav\AppData\Roaming\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\Program Files (x86)\TREZOR Bridge
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\Program Files\MetaTrader
2020-12-15 17:50 - 2020-12-15 17:57 - 000000000 ____D C:\Users\akhav\AppData\Roaming\MetaQuotes
2020-12-10 10:29 - 2020-12-10 10:29 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-10 10:29 - 2020-12-10 10:29 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 10:28 - 2020-12-10 10:28 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 10:28 - 2020-12-10 10:28 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 09:00 - 2020-07-26 20:50 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 08:59 - 2020-04-02 18:39 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-08 08:59 - 2020-04-02 17:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 23:49 - 2020-04-02 18:40 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-07 23:49 - 2020-04-02 18:40 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-07 23:49 - 2020-04-02 18:38 - 000000000 ____D C:\WINDOWS\INF
2021-01-07 23:49 - 2020-04-02 17:56 - 001693704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-07 23:45 - 2020-04-02 17:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-07 23:43 - 2020-04-09 10:01 - 000000000 ____D C:\Users\akhav\AppData\Local\SquirrelTemp
2021-01-07 23:43 - 2020-04-02 18:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-07 23:43 - 2020-04-02 17:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 23:42 - 2020-04-30 22:07 - 000000000 ____D C:\Users\akhav\AppData\Roaming\discord
2021-01-07 23:42 - 2020-04-02 18:36 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-07 23:42 - 2020-04-02 17:48 - 000000000 ____D C:\Users\akhav
2021-01-07 23:34 - 2020-09-18 18:39 - 000000000 ____D C:\Users\akhav\AppData\Local\CrashDumps
2021-01-07 23:28 - 2020-04-03 17:40 - 000000000 ____D C:\Users\akhav\AppData\Local\Battle.net
2021-01-07 23:21 - 2020-04-03 17:42 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-01-07 17:39 - 2020-04-02 17:59 - 000000000 ____D C:\Users\akhav\Desktop\Věci z plochy 2.4.20
2021-01-06 22:23 - 2020-04-02 17:54 - 000000000 ____D C:\Users\akhav\AppData\Local\Packages
2021-01-06 21:33 - 2020-04-03 17:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-04 15:26 - 2020-12-03 18:28 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:23 - 2020-03-23 22:09 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-31 15:03 - 2020-03-23 22:09 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 10:48 - 2020-04-02 17:46 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-30 20:02 - 2020-04-02 18:40 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-30 20:02 - 2020-04-02 18:40 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-29 00:27 - 2020-04-02 17:46 - 009381947 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-28 13:44 - 2020-04-02 19:17 - 000000000 ____D C:\Users\akhav\AppData\Roaming\BitLord
2020-12-28 13:42 - 2020-04-02 19:17 - 000000000 _____ C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-12-28 10:59 - 2020-10-06 20:18 - 000001128 _____ C:\Users\akhav\Desktop\RebelBetting.lnk
2020-12-28 10:59 - 2020-08-15 18:16 - 000001878 _____ C:\Users\akhav\Desktop\YMS 3028 Gaming Mouse.lnk
2020-12-28 10:59 - 2020-04-30 22:07 - 000002237 _____ C:\Users\akhav\Desktop\Discord.lnk
2020-12-28 10:59 - 2020-04-02 19:16 - 000002100 _____ C:\Users\akhav\Desktop\BitLord.lnk
2020-12-26 14:58 - 2020-04-02 18:01 - 000000000 ____D C:\Users\akhav\Desktop\faktury
2020-12-25 18:39 - 2020-04-08 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-22 23:02 - 2020-04-02 17:57 - 000000000 ____D C:\Users\akhav\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 12:10 - 2020-06-05 09:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 13:44 - 2020-04-03 08:21 - 000000000 ____D C:\Users\akhav\AppData\Local\D3DSCache
2020-12-17 19:59 - 2020-04-02 17:57 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4158704578-2855211266-1573636166-1001
2020-12-17 19:59 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\OneDrive
2020-12-17 19:59 - 2020-04-02 17:48 - 000002365 _____ C:\Users\akhav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\3D Objects
2020-12-10 13:20 - 2020-04-02 17:45 - 000637560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 10:30 - 2020-04-02 18:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-04-02 19:17 - 2020-12-28 13:42 - 000000000 _____ () C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-10-12 23:30 - 2020-10-12 23:30 - 000000218 _____ () C:\Users\akhav\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#2 Příspěvek od ave007 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by PC (08-01-2021 09:07:55)
Running from D:\Users\akhav\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-04-02 16:54:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4158704578-2855211266-1573636166-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4158704578-2855211266-1573636166-503 - Limited - Disabled)
Guest (S-1-5-21-4158704578-2855211266-1573636166-501 - Limited - Disabled)
PC (S-1-5-21-4158704578-2855211266-1573636166-1001 - Administrator - Enabled) => C:\Users\akhav
WDAGUtilityAccount (S-1-5-21-4158704578-2855211266-1573636166-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitLord 2.2 (HKLM-x32\...\BitLord) (Version: 2.2.1-151 - House of Life)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
DesktopOK (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\DesktopOK) (Version: - hxxp://www.softwareok.com/)
Discord (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
eFootball PES 2021 (HKLM-x32\...\{0A896ED2-FA9C-44BE-875F-559CE4C8780E}_is1) (Version: - KONAMI)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{4DC9121F-BA9A-4A87-A6CA-E53B4FBACB5A}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
RebelBetting 6.24 (HKLM-x32\...\RebelBetting) (Version: 6.24 - Clarobet AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Twitch Studio (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
YMS 3028 Gaming Mouse v1.1.0 (HKLM-x32\...\{A7642A36-CB25-429B-8D9A-C13AFD75BA45}_is1) (Version: - )

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Forza Horizon 4 -> D:\Games\Forza Horizon 4 Ultimate Edition\Fh4 [2020-10-29] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2020-10-29] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_Lego [2020-10-29] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-12-21] (Instagram)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-03 08:20 - 2020-04-03 08:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\sharepoint.com -> hxxps://dsfgvx-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-02 18:39 - 2020-04-02 18:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CheVolume.lnk"
HKLM\...\StartupApproved\Run32: => "${_APP_NAME}"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{84BAF821-77EA-4DC6-BC34-20A71B5DFAD3}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{941E9434-644E-4BF5-A6B6-C25EB5069E7E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{6C231794-4346-46CD-B931-60F4A86B1EE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E371B97D-DE76-4E58-848D-BA0B4909AB02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E89C72EB-899A-4596-BADA-FBCF8EB17D37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8BE1F0A-52BE-4F95-857F-9FB560BADEC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46A05C56-3EC3-415A-8662-ED7635FAC766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7B7C4A1-3B04-45BB-AADF-631BC1426599}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{A09848DA-97BA-4E81-8DBB-0ACFBA5739C1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5126286D-8AC8-4BAA-9F18-AFA1BD074AEC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53739D78-0B3E-4AA2-8094-E04A426A2368}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0913A7-F5E8-4446-8520-CD3186146364}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1198F07B-504F-4C74-83D1-C4EF022A6C00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4EC302A6-4D7A-4D7A-9169-C4C8BDDB23A3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{5C49E810-1660-49FC-BCD8-247F0A3BF41B}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{FF565594-CF64-4BC0-AB98-DFA9E29F75BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36708DDA-36DE-41B0-9C70-30BD04673301}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7D28456-7EED-4BFA-8687-B5E4660A524C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{626D3102-DCCC-429A-B41B-19EFD246E19E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{734E2961-DF5F-400A-9432-59BCEFC2A139}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FEA5534B-F25C-4CD0-A827-491A7A413E9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1CF2829E-4F3C-4C13-BBB5-79929A019EA3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E52E3F14-6590-46F3-928A-058D658CC173}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{331BA46D-A71F-48ED-9147-4D21B055B329}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{95C2FF12-EB41-4F96-BB13-ED7C2D53165D}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [TCP Query User{95E08894-693B-4DF4-A635-C1DDB5BE13E7}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Allow) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [UDP Query User{02DA0BFF-3B75-4B7A-9A8D-6CEBA6E0938B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Allow) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{CC875B89-4E59-43F5-AE90-84A09EFC47C5}] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{B72D122D-B33B-4144-8DF5-87519D80C496}] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{7328F064-77F3-433C-9F53-9BE5B4886B92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{0294A0BA-5A0E-4221-BD5F-ACCDC3D7E4E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{55873549-E966-4CD4-AABC-CA589E02A0DD}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [UDP Query User{36020790-DD8B-4D7E-AE1E-B5565FDA5467}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [TCP Query User{343DEEFB-9DE3-4A0F-83FF-EBD8188303CD}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{F40EC23D-CCD6-4973-99E5-F65E8DE0E3BF}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{6869FAB5-F8A7-482E-817E-93BA0ABDF47D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{349D715A-51C3-4A8A-9C05-85750BEB0F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F8C6D21-5A0F-4458-A9EB-6CA9ACE0A83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{788A08E3-F5EF-468A-8703-E3DDF6F959E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF8585C3-9365-4A06-9B07-B79DEC0E20CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DBCCDA3-C53D-4DBF-94F2-91BE9230B0D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4A42693F-533E-4638-BAEB-63E378198B73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{366FACD9-214E-43A4-8EC8-3BD8A5095544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21DD647D-D364-47FB-9857-73ACE5917BBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{405B4F2D-ADE6-4F11-B30C-78FDFD3A1D69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{456A3B40-1E87-47C6-AAB6-5D8535F7A4CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27D3E6D6-FDF7-4A42-94B4-2AD629D7C1BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F248FE6E-9AB0-4032-AB71-CBED9EFB1D0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8DBE8BB-9E76-469E-898F-C9B1AA174DD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FC7A1675-40E4-4DC7-97A3-028DC3653CB3}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Software Corp.)
FirewallRules: [{D86D2996-2471-4242-A3F6-46F5FBAD99D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ADD04F4-5E1E-48DA-91BE-082BE8D6CE36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D97AA5E0-AEEF-46AB-A3B7-25100AC820BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CB3F74D8-1B3F-4829-BA4D-FAEA8E995ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3FEC57F5-386A-48F2-BD84-4CFAD60B1AF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5893AEC-FFF3-43B5-875E-06E1A871854D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A03C760-EA9C-460C-8869-B378E0A74D5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0685F193-87DA-4F53-A9C2-C39D371BA215}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-01-2021 13:42:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Ultra Virtual USB Bus
Description: DAEMON Tools Ultra Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtultrausbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Ultra Virtual SCSI Bus
Description: DAEMON Tools Ultra Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtultrascsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 08:39:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6432,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:33:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9352,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:18:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6820,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:08:20 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12348,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:01:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5212,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:50:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3128,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:34:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20652,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicGamesLauncher.exe, verze: 12.0.0.0, časové razítko: 0x5ff5f101
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.1237, časové razítko: 0x71e81044
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000043b29
ID chybujícího procesu: 0x51a0
Čas spuštění chybující aplikace: 0x01d6e517363a0511
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 61c74d16-5749-4737-9cd9-a67b965c5b37
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/08/2021 06:13:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 12:13:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:44:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:43:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba nordvpn-service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/07/2021 11:29:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/07/2021 11:29:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (01/07/2021 06:12:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-08-13 23:55:29.230
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73FAA1C-A140-4B3D-B11C-0AFDC064BE1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-08-13 23:09:55.203
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D707B9AF-00DD-4725-835D-0CB28B2D207D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-07-03 22:18:29.702
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8DB71C9B-37FF-4450-82AE-1EAAD1AEDDB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2021-01-08 09:08:11.072
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:08:11.070
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:18.702
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:18.701
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.502
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1205 05/11/2018
Motherboard: ASUSTeK COMPUTER INC. STRIX B250G GAMING
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16329.22 MB
Available physical RAM: 11211.55 MB
Total Virtual: 27081.22 MB
Available Virtual: 19316.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.51 GB) (Free:28 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1245.16 GB) NTFS

\\?\Volume{fd269f6a-201e-495f-82c3-31117159c66e}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{d229db94-1e56-4b34-942c-c1c3774d32cb}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{1cb4cf22-7f5d-4701-9a31-d6d669e5103a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#4 Příspěvek od ave007 »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{95E08894-693B-4DF4-A635-C1DDB5BE13E7}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{02DA0BFF-3B75-4B7A-9A8D-6CEBA6E0938B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B72D122D-B33B-4144-8DF5-87519D80C496}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CC875B89-4E59-43F5-AE90-84A09EFC47C5}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2168 octets] - [08/01/2021 11:46:23]
AdwCleaner[S01].txt - [2229 octets] - [08/01/2021 11:47:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#5 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#6 Příspěvek od ave007 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by PC (administrator) on DESKTOP-3N07L5T (09-01-2021 10:48:32)
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TEFINCOM S.A. -> ) D:\Program Files (x86)\NordVPN\nordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-02] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97703592 2020-02-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [${_APP_NAME}] => D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32762440 2021-01-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [NordVPN] => D:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-05-02]
ShortcutTarget: CheVolume.lnk -> D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-12-18]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FFBEB6-4DA5-4F39-8F0B-AAB139E905DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {20DBED21-5151-4335-B73D-6E1E821680B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EA66AC4-9D96-43DC-97F5-788DF6511AE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A25387-5DAC-4927-AC0E-D5D68AAC24EB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D3D13E8-81F8-4F07-8BFD-3206DC7D4564} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {5484845F-D67B-45DE-B013-B04FCACAC304} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C58382E-E9C8-4458-B7ED-000E3798642A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {615F0DB0-D123-46E1-B889-283DF4C212C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {624D03F5-6285-491F-A14A-2A82FFB522B0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {71F4B82E-7A79-41FC-B97D-EC8624FE1D81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {807E8A7E-041A-45D2-A694-481FBC938881} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A20C42BE-424E-4A51-9705-CE9B6EF2F6AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A323B995-E4EC-49D8-A1A0-438557D90EB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC3ACC02-D5A0-4715-BE3D-911E40B63F9A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-30] (Adobe Inc. -> Adobe)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {CD4FAC08-D429-4EC7-950A-034FDBB90A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CF85638D-3A8C-4401-A5F9-53A629A54AFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7F25BDC-65CF-449A-800A-15F263C5E640} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAF29880-C928-4D8C-B0AA-BE88F8068071} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F3123CDC-9C8A-4A54-849A-4C141D73842C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8D29B52-4B9F-49DA-B16F-444E97E63BB5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e133736-f63e-4bf6-b314-b6da0d61e04a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{80b3939f-55ee-4601-9bcf-5152596a2137}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\akhav\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR Extension: (Překladač Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-02]
CHR Extension: (Prezentace) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-02]
CHR Extension: (Dokumenty) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-02]
CHR Extension: (Disk Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-15]
CHR Extension: (YouTube) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-02]
CHR Extension: (Zeus - Degiro Portfolio Manager) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckgeffpapoiemciaenjgbelealaekgic [2020-12-16]
CHR Extension: (Tabulky) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-02]
CHR Extension: (Gmail) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; D:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-07-11] (Twitch Interactive, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [44712 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 17:11 - 2021-01-08 17:20 - 000000107 _____ C:\Users\akhav\Desktop\Nový textový dokument.txt
2021-01-08 11:48 - 2021-01-08 11:48 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-08 11:48 - 2021-01-08 11:48 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-08 11:45 - 2021-01-08 11:47 - 000000000 ____D C:\AdwCleaner
2021-01-08 11:29 - 2021-01-08 11:29 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-08 11:29 - 2021-01-08 11:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-08 11:29 - 2021-01-08 11:29 - 000000000 ____D C:\Users\akhav\AppData\Local\mbam
2021-01-08 11:28 - 2021-01-08 11:28 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-08 11:28 - 2021-01-08 11:28 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-08 09:06 - 2021-01-09 10:48 - 000000000 ____D C:\FRST
2021-01-07 23:29 - 2021-01-07 23:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-07 23:28 - 2020-12-31 15:03 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-03 11:22 - 2021-01-03 11:22 - 000000000 ____D C:\Users\akhav\AppData\Roaming\Macromedia
2020-12-30 20:02 - 2020-12-30 20:02 - 000004608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-30 20:01 - 2020-12-30 20:02 - 000000000 ____D C:\Users\akhav\AppData\Local\Adobe
2020-12-18 16:31 - 2021-01-08 17:20 - 000000000 ____D C:\Users\akhav\AppData\Roaming\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\Program Files (x86)\TREZOR Bridge
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\Program Files\MetaTrader
2020-12-15 17:50 - 2020-12-15 17:57 - 000000000 ____D C:\Users\akhav\AppData\Roaming\MetaQuotes
2020-12-10 10:29 - 2020-12-10 10:29 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-10 10:29 - 2020-12-10 10:29 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 10:28 - 2020-12-10 10:28 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 10:28 - 2020-12-10 10:28 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 10:45 - 2020-04-02 18:39 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-09 10:45 - 2020-04-02 17:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 21:25 - 2020-04-02 18:38 - 000000000 ____D C:\WINDOWS\INF
2021-01-08 19:45 - 2020-04-02 17:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 19:43 - 2020-04-09 10:01 - 000000000 ____D C:\Users\akhav\AppData\Local\SquirrelTemp
2021-01-08 15:34 - 2020-04-02 17:59 - 000000000 ____D C:\Users\akhav\Desktop\Věci z plochy 2.4.20
2021-01-08 12:30 - 2020-10-06 20:18 - 000001128 _____ C:\Users\akhav\Desktop\RebelBetting.lnk
2021-01-08 12:30 - 2020-08-15 18:16 - 000001878 _____ C:\Users\akhav\Desktop\YMS 3028 Gaming Mouse.lnk
2021-01-08 12:30 - 2020-04-30 22:07 - 000002237 _____ C:\Users\akhav\Desktop\Discord.lnk
2021-01-08 12:30 - 2020-04-02 19:16 - 000002100 _____ C:\Users\akhav\Desktop\BitLord.lnk
2021-01-08 11:54 - 2020-04-02 18:40 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-08 11:54 - 2020-04-02 18:40 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-08 11:54 - 2020-04-02 17:56 - 001693704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-08 11:48 - 2020-04-02 18:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-08 11:48 - 2020-04-02 17:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-08 11:47 - 2020-04-02 18:36 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-08 11:28 - 2020-04-02 18:39 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-08 09:00 - 2020-07-26 20:50 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 23:42 - 2020-04-30 22:07 - 000000000 ____D C:\Users\akhav\AppData\Roaming\discord
2021-01-07 23:42 - 2020-04-02 17:48 - 000000000 ____D C:\Users\akhav
2021-01-07 23:34 - 2020-09-18 18:39 - 000000000 ____D C:\Users\akhav\AppData\Local\CrashDumps
2021-01-07 23:28 - 2020-04-03 17:40 - 000000000 ____D C:\Users\akhav\AppData\Local\Battle.net
2021-01-07 23:21 - 2020-04-03 17:42 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-01-06 22:23 - 2020-04-02 17:54 - 000000000 ____D C:\Users\akhav\AppData\Local\Packages
2021-01-06 21:33 - 2020-04-03 17:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-04 15:26 - 2020-12-03 18:28 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:23 - 2020-03-23 22:09 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-31 15:03 - 2020-03-23 22:09 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 10:48 - 2020-04-02 17:46 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-30 20:02 - 2020-04-02 18:40 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-30 20:02 - 2020-04-02 18:40 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-29 00:27 - 2020-04-02 17:46 - 009381947 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-28 13:44 - 2020-04-02 19:17 - 000000000 ____D C:\Users\akhav\AppData\Roaming\BitLord
2020-12-28 13:42 - 2020-04-02 19:17 - 000000000 _____ C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-12-26 14:58 - 2020-04-02 18:01 - 000000000 ____D C:\Users\akhav\Desktop\faktury
2020-12-25 18:39 - 2020-04-08 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-22 23:02 - 2020-04-02 17:57 - 000000000 ____D C:\Users\akhav\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 12:10 - 2020-06-05 09:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 13:44 - 2020-04-03 08:21 - 000000000 ____D C:\Users\akhav\AppData\Local\D3DSCache
2020-12-17 19:59 - 2020-04-02 17:57 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4158704578-2855211266-1573636166-1001
2020-12-17 19:59 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\OneDrive
2020-12-17 19:59 - 2020-04-02 17:48 - 000002365 _____ C:\Users\akhav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\3D Objects
2020-12-10 13:20 - 2020-04-02 17:45 - 000637560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 10:30 - 2020-04-02 18:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-04-02 19:17 - 2020-12-28 13:42 - 000000000 _____ () C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-10-12 23:30 - 2020-10-12 23:30 - 000000218 _____ () C:\Users\akhav\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#7 Příspěvek od ave007 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by PC (09-01-2021 10:49:20)
Running from D:\Users\akhav\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-04-02 16:54:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4158704578-2855211266-1573636166-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4158704578-2855211266-1573636166-503 - Limited - Disabled)
Guest (S-1-5-21-4158704578-2855211266-1573636166-501 - Limited - Disabled)
PC (S-1-5-21-4158704578-2855211266-1573636166-1001 - Administrator - Enabled) => C:\Users\akhav
WDAGUtilityAccount (S-1-5-21-4158704578-2855211266-1573636166-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitLord 2.2 (HKLM-x32\...\BitLord) (Version: 2.2.1-151 - House of Life)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
DesktopOK (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\DesktopOK) (Version: - hxxp://www.softwareok.com/)
Discord (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
eFootball PES 2021 (HKLM-x32\...\{0A896ED2-FA9C-44BE-875F-559CE4C8780E}_is1) (Version: - KONAMI)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{4DC9121F-BA9A-4A87-A6CA-E53B4FBACB5A}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
RebelBetting 6.24 (HKLM-x32\...\RebelBetting) (Version: 6.24 - Clarobet AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Twitch Studio (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
YMS 3028 Gaming Mouse v1.1.0 (HKLM-x32\...\{A7642A36-CB25-429B-8D9A-C13AFD75BA45}_is1) (Version: - )

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Forza Horizon 4 -> D:\Games\Forza Horizon 4 Ultimate Edition\Fh4 [2020-10-29] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2020-10-29] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_Lego [2020-10-29] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-12-21] (Instagram)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-03 08:20 - 2020-04-03 08:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\sharepoint.com -> hxxps://dsfgvx-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-02 18:39 - 2020-04-02 18:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CheVolume.lnk"
HKLM\...\StartupApproved\Run32: => "${_APP_NAME}"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{84BAF821-77EA-4DC6-BC34-20A71B5DFAD3}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{941E9434-644E-4BF5-A6B6-C25EB5069E7E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{6C231794-4346-46CD-B931-60F4A86B1EE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E371B97D-DE76-4E58-848D-BA0B4909AB02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E89C72EB-899A-4596-BADA-FBCF8EB17D37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8BE1F0A-52BE-4F95-857F-9FB560BADEC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46A05C56-3EC3-415A-8662-ED7635FAC766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7B7C4A1-3B04-45BB-AADF-631BC1426599}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{A09848DA-97BA-4E81-8DBB-0ACFBA5739C1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5126286D-8AC8-4BAA-9F18-AFA1BD074AEC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53739D78-0B3E-4AA2-8094-E04A426A2368}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0913A7-F5E8-4446-8520-CD3186146364}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1198F07B-504F-4C74-83D1-C4EF022A6C00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4EC302A6-4D7A-4D7A-9169-C4C8BDDB23A3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{5C49E810-1660-49FC-BCD8-247F0A3BF41B}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{FF565594-CF64-4BC0-AB98-DFA9E29F75BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36708DDA-36DE-41B0-9C70-30BD04673301}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7D28456-7EED-4BFA-8687-B5E4660A524C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{626D3102-DCCC-429A-B41B-19EFD246E19E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{734E2961-DF5F-400A-9432-59BCEFC2A139}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FEA5534B-F25C-4CD0-A827-491A7A413E9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1CF2829E-4F3C-4C13-BBB5-79929A019EA3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E52E3F14-6590-46F3-928A-058D658CC173}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{331BA46D-A71F-48ED-9147-4D21B055B329}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{95C2FF12-EB41-4F96-BB13-ED7C2D53165D}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{7328F064-77F3-433C-9F53-9BE5B4886B92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{0294A0BA-5A0E-4221-BD5F-ACCDC3D7E4E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{55873549-E966-4CD4-AABC-CA589E02A0DD}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [UDP Query User{36020790-DD8B-4D7E-AE1E-B5565FDA5467}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [TCP Query User{343DEEFB-9DE3-4A0F-83FF-EBD8188303CD}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{F40EC23D-CCD6-4973-99E5-F65E8DE0E3BF}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{6869FAB5-F8A7-482E-817E-93BA0ABDF47D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{349D715A-51C3-4A8A-9C05-85750BEB0F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F8C6D21-5A0F-4458-A9EB-6CA9ACE0A83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{788A08E3-F5EF-468A-8703-E3DDF6F959E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF8585C3-9365-4A06-9B07-B79DEC0E20CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DBCCDA3-C53D-4DBF-94F2-91BE9230B0D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4A42693F-533E-4638-BAEB-63E378198B73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{366FACD9-214E-43A4-8EC8-3BD8A5095544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21DD647D-D364-47FB-9857-73ACE5917BBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{405B4F2D-ADE6-4F11-B30C-78FDFD3A1D69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{456A3B40-1E87-47C6-AAB6-5D8535F7A4CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27D3E6D6-FDF7-4A42-94B4-2AD629D7C1BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F248FE6E-9AB0-4032-AB71-CBED9EFB1D0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8DBE8BB-9E76-469E-898F-C9B1AA174DD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FC7A1675-40E4-4DC7-97A3-028DC3653CB3}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Software Corp.)
FirewallRules: [{D86D2996-2471-4242-A3F6-46F5FBAD99D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ADD04F4-5E1E-48DA-91BE-082BE8D6CE36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D97AA5E0-AEEF-46AB-A3B7-25100AC820BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CB3F74D8-1B3F-4829-BA4D-FAEA8E995ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3FEC57F5-386A-48F2-BD84-4CFAD60B1AF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5893AEC-FFF3-43B5-875E-06E1A871854D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A03C760-EA9C-460C-8869-B378E0A74D5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0685F193-87DA-4F53-A9C2-C39D371BA215}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-01-2021 13:42:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Ultra Virtual USB Bus
Description: DAEMON Tools Ultra Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtultrausbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Ultra Virtual SCSI Bus
Description: DAEMON Tools Ultra Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtultrascsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 10:30:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3744,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 09:30:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10616,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 09:23:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 08:00:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11588,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 07:54:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4476,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-3N07L5T.local.

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.1:5353 25 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-3N07L5T-2.local.

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.6.F.2.6.D.1.D.8.8.2.0.1.0.0.A.2.ip6.arpa. PTR DESKTOP-3N07L5T.local.


System errors:
=============
Error: (01/09/2021 06:12:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 07:44:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 07:43:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 12:27:12 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Apple Mobile Device Ethernet #2, {6d303d7c-0c09-47c9-95e8-b7a6d7db595e}, došlo k události 76.

Error: (01/08/2021 12:18:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:49:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:48:18 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:47:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-08-13 23:55:29.230
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73FAA1C-A140-4B3D-B11C-0AFDC064BE1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-08-13 23:09:55.203
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D707B9AF-00DD-4725-835D-0CB28B2D207D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-07-03 22:18:29.702
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8DB71C9B-37FF-4450-82AE-1EAAD1AEDDB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2021-01-09 10:48:51.070
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:51.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.645
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.048
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:24.286
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:24.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1205 05/11/2018
Motherboard: ASUSTeK COMPUTER INC. STRIX B250G GAMING
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 28%
Total physical RAM: 16329.22 MB
Available physical RAM: 11724.72 MB
Total Virtual: 27081.22 MB
Available Virtual: 20028.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.51 GB) (Free:27.89 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1243.69 GB) NTFS

\\?\Volume{fd269f6a-201e-495f-82c3-31117159c66e}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{d229db94-1e56-4b34-942c-c1c3774d32cb}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{1cb4cf22-7f5d-4701-9a31-d6d669e5103a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)

EmptyTemp:
End
Uložte do D:\Users\akhav\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#9 Příspěvek od ave007 »

Zdravím!
Bohužel po restartu se žádný log nezobrazil
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#10 Příspěvek od ave007 »

tak jsem našel ručně :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by PC (09-01-2021 21:43:20) Run:1
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{839005A5-42C9-49D4-877F-B2F771C89119}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E94D53E7-D9C6-4128-9834-97ABB648FAFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C8D1195-6401-4465-917C-970EE1802CE9}" => removed successfully
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bf88ee0-12c9-11eb-878b-6045cb7226b1} => removed successfully
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd80bf90-1831-11eb-878c-6045cb7226b1} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F65E85A-DF52-42CE-BF80-0032F1A2CCE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F65E85A-DF52-42CE-BF80-0032F1A2CCE8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0150820-0A64-42D2-BFD6-099868C9CFE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0150820-0A64-42D2-BFD6-099868C9CFE9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145292870 B
Java, Flash, Steam htmlcache => 31996459 B
Windows/system/drivers => 12827271 B
Edge => 0 B
Chrome => 335679075 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 91956 B
NetworkService => 91956 B
akhav => 36846676 B

RecycleBin => 0 B
EmptyTemp: => 546.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:43:31 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#11 Příspěvek od Rudy »

Někdy se to stane. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#12 Příspěvek od ave007 »

Řekl bych, že je to o něco lepší
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#13 Příspěvek od Rudy »

Zkuste ještě defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ave007
2. Stupeň Varování
Příspěvky: 219
Registrován: 17 srp 2012 12:28

Re: Zpomalené PC - Děkuji za pomoc

#14 Příspěvek od ave007 »

systémové SSD?
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119316
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zpomalené PC - Děkuji za pomoc

#15 Příspěvek od Rudy »

OK, takže nic. Defragmentujte tedy alespoň registry: https://www.stahuj.cz/utility_a_ostatni ... ry-defrag/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“