VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomalené PC - Děkuji za pomoc

https://forum.viry.cz:443/viewtopic.php?t=157767

Stránka 1 z 2

Zpomalené PC - Děkuji za pomoc

Napsal: 08 led 2021 09:10
od ave007
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by PC (administrator) on DESKTOP-3N07L5T (08-01-2021 09:07:09)
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TEFINCOM S.A. -> ) D:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-02] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97703592 2020-02-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [${_APP_NAME}] => D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32762440 2021-01-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [NordVPN] => D:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-05-02]
ShortcutTarget: CheVolume.lnk -> D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-12-18]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FFBEB6-4DA5-4F39-8F0B-AAB139E905DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {20DBED21-5151-4335-B73D-6E1E821680B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EA66AC4-9D96-43DC-97F5-788DF6511AE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A25387-5DAC-4927-AC0E-D5D68AAC24EB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D3D13E8-81F8-4F07-8BFD-3206DC7D4564} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {5484845F-D67B-45DE-B013-B04FCACAC304} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C58382E-E9C8-4458-B7ED-000E3798642A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {615F0DB0-D123-46E1-B889-283DF4C212C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {624D03F5-6285-491F-A14A-2A82FFB522B0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {71F4B82E-7A79-41FC-B97D-EC8624FE1D81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {807E8A7E-041A-45D2-A694-481FBC938881} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A20C42BE-424E-4A51-9705-CE9B6EF2F6AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A323B995-E4EC-49D8-A1A0-438557D90EB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC3ACC02-D5A0-4715-BE3D-911E40B63F9A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-30] (Adobe Inc. -> Adobe)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {CD4FAC08-D429-4EC7-950A-034FDBB90A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CF85638D-3A8C-4401-A5F9-53A629A54AFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7F25BDC-65CF-449A-800A-15F263C5E640} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAF29880-C928-4D8C-B0AA-BE88F8068071} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F3123CDC-9C8A-4A54-849A-4C141D73842C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8D29B52-4B9F-49DA-B16F-444E97E63BB5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e133736-f63e-4bf6-b314-b6da0d61e04a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\akhav\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-31]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default [2021-01-08]
CHR Extension: (Překladač Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-02]
CHR Extension: (Prezentace) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-02]
CHR Extension: (Dokumenty) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-02]
CHR Extension: (Disk Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-15]
CHR Extension: (YouTube) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-02]
CHR Extension: (Zeus - Degiro Portfolio Manager) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckgeffpapoiemciaenjgbelealaekgic [2020-12-16]
CHR Extension: (Tabulky) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-02]
CHR Extension: (Gmail) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 nordvpn-service; D:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-07-11] (Twitch Interactive, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [44712 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 09:06 - 2021-01-08 09:07 - 000000000 ____D C:\FRST
2021-01-07 23:29 - 2021-01-07 23:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-07 23:28 - 2020-12-31 15:03 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-03 11:22 - 2021-01-03 11:22 - 000000000 ____D C:\Users\akhav\AppData\Roaming\Macromedia
2020-12-30 20:02 - 2020-12-30 20:02 - 000004608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-30 20:01 - 2020-12-30 20:02 - 000000000 ____D C:\Users\akhav\AppData\Local\Adobe
2020-12-18 16:31 - 2021-01-07 17:55 - 000000000 ____D C:\Users\akhav\AppData\Roaming\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\Program Files (x86)\TREZOR Bridge
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\Program Files\MetaTrader
2020-12-15 17:50 - 2020-12-15 17:57 - 000000000 ____D C:\Users\akhav\AppData\Roaming\MetaQuotes
2020-12-10 10:29 - 2020-12-10 10:29 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-10 10:29 - 2020-12-10 10:29 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 10:28 - 2020-12-10 10:28 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 10:28 - 2020-12-10 10:28 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 09:00 - 2020-07-26 20:50 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 08:59 - 2020-04-02 18:39 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-08 08:59 - 2020-04-02 17:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 23:49 - 2020-04-02 18:40 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-07 23:49 - 2020-04-02 18:40 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-07 23:49 - 2020-04-02 18:38 - 000000000 ____D C:\WINDOWS\INF
2021-01-07 23:49 - 2020-04-02 17:56 - 001693704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-07 23:45 - 2020-04-02 17:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-07 23:43 - 2020-04-09 10:01 - 000000000 ____D C:\Users\akhav\AppData\Local\SquirrelTemp
2021-01-07 23:43 - 2020-04-02 18:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-07 23:43 - 2020-04-02 17:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-07 23:42 - 2020-04-30 22:07 - 000000000 ____D C:\Users\akhav\AppData\Roaming\discord
2021-01-07 23:42 - 2020-04-02 18:36 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-07 23:42 - 2020-04-02 17:48 - 000000000 ____D C:\Users\akhav
2021-01-07 23:34 - 2020-09-18 18:39 - 000000000 ____D C:\Users\akhav\AppData\Local\CrashDumps
2021-01-07 23:28 - 2020-04-03 17:40 - 000000000 ____D C:\Users\akhav\AppData\Local\Battle.net
2021-01-07 23:21 - 2020-04-03 17:42 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-01-07 17:39 - 2020-04-02 17:59 - 000000000 ____D C:\Users\akhav\Desktop\Věci z plochy 2.4.20
2021-01-06 22:23 - 2020-04-02 17:54 - 000000000 ____D C:\Users\akhav\AppData\Local\Packages
2021-01-06 21:33 - 2020-04-03 17:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-04 15:26 - 2020-12-03 18:28 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:23 - 2020-03-23 22:09 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-31 15:03 - 2020-03-23 22:09 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 10:48 - 2020-04-02 17:46 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-30 20:02 - 2020-04-02 18:40 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-30 20:02 - 2020-04-02 18:40 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-29 00:27 - 2020-04-02 17:46 - 009381947 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-28 13:44 - 2020-04-02 19:17 - 000000000 ____D C:\Users\akhav\AppData\Roaming\BitLord
2020-12-28 13:42 - 2020-04-02 19:17 - 000000000 _____ C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-12-28 10:59 - 2020-10-06 20:18 - 000001128 _____ C:\Users\akhav\Desktop\RebelBetting.lnk
2020-12-28 10:59 - 2020-08-15 18:16 - 000001878 _____ C:\Users\akhav\Desktop\YMS 3028 Gaming Mouse.lnk
2020-12-28 10:59 - 2020-04-30 22:07 - 000002237 _____ C:\Users\akhav\Desktop\Discord.lnk
2020-12-28 10:59 - 2020-04-02 19:16 - 000002100 _____ C:\Users\akhav\Desktop\BitLord.lnk
2020-12-26 14:58 - 2020-04-02 18:01 - 000000000 ____D C:\Users\akhav\Desktop\faktury
2020-12-25 18:39 - 2020-04-08 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-22 23:02 - 2020-04-02 17:57 - 000000000 ____D C:\Users\akhav\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 12:10 - 2020-06-05 09:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 13:44 - 2020-04-03 08:21 - 000000000 ____D C:\Users\akhav\AppData\Local\D3DSCache
2020-12-17 19:59 - 2020-04-02 17:57 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4158704578-2855211266-1573636166-1001
2020-12-17 19:59 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\OneDrive
2020-12-17 19:59 - 2020-04-02 17:48 - 000002365 _____ C:\Users\akhav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\3D Objects
2020-12-10 13:20 - 2020-04-02 17:45 - 000637560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 10:30 - 2020-04-02 18:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-04-02 19:17 - 2020-12-28 13:42 - 000000000 _____ () C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-10-12 23:30 - 2020-10-12 23:30 - 000000218 _____ () C:\Users\akhav\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 08 led 2021 09:11
od ave007
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by PC (08-01-2021 09:07:55)
Running from D:\Users\akhav\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-04-02 16:54:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4158704578-2855211266-1573636166-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4158704578-2855211266-1573636166-503 - Limited - Disabled)
Guest (S-1-5-21-4158704578-2855211266-1573636166-501 - Limited - Disabled)
PC (S-1-5-21-4158704578-2855211266-1573636166-1001 - Administrator - Enabled) => C:\Users\akhav
WDAGUtilityAccount (S-1-5-21-4158704578-2855211266-1573636166-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitLord 2.2 (HKLM-x32\...\BitLord) (Version: 2.2.1-151 - House of Life)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
DesktopOK (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\DesktopOK) (Version: - hxxp://www.softwareok.com/)
Discord (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
eFootball PES 2021 (HKLM-x32\...\{0A896ED2-FA9C-44BE-875F-559CE4C8780E}_is1) (Version: - KONAMI)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{4DC9121F-BA9A-4A87-A6CA-E53B4FBACB5A}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
RebelBetting 6.24 (HKLM-x32\...\RebelBetting) (Version: 6.24 - Clarobet AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Twitch Studio (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
YMS 3028 Gaming Mouse v1.1.0 (HKLM-x32\...\{A7642A36-CB25-429B-8D9A-C13AFD75BA45}_is1) (Version: - )

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Forza Horizon 4 -> D:\Games\Forza Horizon 4 Ultimate Edition\Fh4 [2020-10-29] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2020-10-29] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_Lego [2020-10-29] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-12-21] (Instagram)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-03 08:20 - 2020-04-03 08:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\sharepoint.com -> hxxps://dsfgvx-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-02 18:39 - 2020-04-02 18:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CheVolume.lnk"
HKLM\...\StartupApproved\Run32: => "${_APP_NAME}"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{84BAF821-77EA-4DC6-BC34-20A71B5DFAD3}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{941E9434-644E-4BF5-A6B6-C25EB5069E7E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{6C231794-4346-46CD-B931-60F4A86B1EE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E371B97D-DE76-4E58-848D-BA0B4909AB02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E89C72EB-899A-4596-BADA-FBCF8EB17D37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8BE1F0A-52BE-4F95-857F-9FB560BADEC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46A05C56-3EC3-415A-8662-ED7635FAC766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7B7C4A1-3B04-45BB-AADF-631BC1426599}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{A09848DA-97BA-4E81-8DBB-0ACFBA5739C1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5126286D-8AC8-4BAA-9F18-AFA1BD074AEC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53739D78-0B3E-4AA2-8094-E04A426A2368}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0913A7-F5E8-4446-8520-CD3186146364}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1198F07B-504F-4C74-83D1-C4EF022A6C00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4EC302A6-4D7A-4D7A-9169-C4C8BDDB23A3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{5C49E810-1660-49FC-BCD8-247F0A3BF41B}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{FF565594-CF64-4BC0-AB98-DFA9E29F75BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36708DDA-36DE-41B0-9C70-30BD04673301}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7D28456-7EED-4BFA-8687-B5E4660A524C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{626D3102-DCCC-429A-B41B-19EFD246E19E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{734E2961-DF5F-400A-9432-59BCEFC2A139}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FEA5534B-F25C-4CD0-A827-491A7A413E9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1CF2829E-4F3C-4C13-BBB5-79929A019EA3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E52E3F14-6590-46F3-928A-058D658CC173}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{331BA46D-A71F-48ED-9147-4D21B055B329}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{95C2FF12-EB41-4F96-BB13-ED7C2D53165D}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [TCP Query User{95E08894-693B-4DF4-A635-C1DDB5BE13E7}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Allow) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [UDP Query User{02DA0BFF-3B75-4B7A-9A8D-6CEBA6E0938B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe] => (Allow) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{CC875B89-4E59-43F5-AE90-84A09EFC47C5}] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{B72D122D-B33B-4144-8DF5-87519D80C496}] => (Block) C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe (House of Life) [File not signed]
FirewallRules: [{7328F064-77F3-433C-9F53-9BE5B4886B92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{0294A0BA-5A0E-4221-BD5F-ACCDC3D7E4E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{55873549-E966-4CD4-AABC-CA589E02A0DD}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [UDP Query User{36020790-DD8B-4D7E-AE1E-B5565FDA5467}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [TCP Query User{343DEEFB-9DE3-4A0F-83FF-EBD8188303CD}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{F40EC23D-CCD6-4973-99E5-F65E8DE0E3BF}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{6869FAB5-F8A7-482E-817E-93BA0ABDF47D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{349D715A-51C3-4A8A-9C05-85750BEB0F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F8C6D21-5A0F-4458-A9EB-6CA9ACE0A83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{788A08E3-F5EF-468A-8703-E3DDF6F959E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF8585C3-9365-4A06-9B07-B79DEC0E20CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DBCCDA3-C53D-4DBF-94F2-91BE9230B0D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4A42693F-533E-4638-BAEB-63E378198B73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{366FACD9-214E-43A4-8EC8-3BD8A5095544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21DD647D-D364-47FB-9857-73ACE5917BBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{405B4F2D-ADE6-4F11-B30C-78FDFD3A1D69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{456A3B40-1E87-47C6-AAB6-5D8535F7A4CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27D3E6D6-FDF7-4A42-94B4-2AD629D7C1BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F248FE6E-9AB0-4032-AB71-CBED9EFB1D0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8DBE8BB-9E76-469E-898F-C9B1AA174DD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FC7A1675-40E4-4DC7-97A3-028DC3653CB3}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Software Corp.)
FirewallRules: [{D86D2996-2471-4242-A3F6-46F5FBAD99D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ADD04F4-5E1E-48DA-91BE-082BE8D6CE36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D97AA5E0-AEEF-46AB-A3B7-25100AC820BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CB3F74D8-1B3F-4829-BA4D-FAEA8E995ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3FEC57F5-386A-48F2-BD84-4CFAD60B1AF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5893AEC-FFF3-43B5-875E-06E1A871854D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A03C760-EA9C-460C-8869-B378E0A74D5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0685F193-87DA-4F53-A9C2-C39D371BA215}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-01-2021 13:42:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Ultra Virtual USB Bus
Description: DAEMON Tools Ultra Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtultrausbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Ultra Virtual SCSI Bus
Description: DAEMON Tools Ultra Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtultrascsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 08:39:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6432,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:33:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9352,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:18:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6820,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:08:20 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12348,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 12:01:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5212,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:50:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3128,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:34:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20652,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/07/2021 11:34:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicGamesLauncher.exe, verze: 12.0.0.0, časové razítko: 0x5ff5f101
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.1237, časové razítko: 0x71e81044
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000043b29
ID chybujícího procesu: 0x51a0
Čas spuštění chybující aplikace: 0x01d6e517363a0511
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 61c74d16-5749-4737-9cd9-a67b965c5b37
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/08/2021 06:13:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 12:13:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:44:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:43:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/07/2021 11:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba nordvpn-service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (01/07/2021 11:29:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/07/2021 11:29:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (01/07/2021 06:12:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-08-13 23:55:29.230
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73FAA1C-A140-4B3D-B11C-0AFDC064BE1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-08-13 23:09:55.203
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D707B9AF-00DD-4725-835D-0CB28B2D207D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-07-03 22:18:29.702
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8DB71C9B-37FF-4450-82AE-1EAAD1AEDDB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2021-01-08 09:08:11.072
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:08:11.070
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:18.702
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:18.701
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.502
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-08 09:05:16.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1205 05/11/2018
Motherboard: ASUSTeK COMPUTER INC. STRIX B250G GAMING
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 31%
Total physical RAM: 16329.22 MB
Available physical RAM: 11211.55 MB
Total Virtual: 27081.22 MB
Available Virtual: 19316.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.51 GB) (Free:28 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1245.16 GB) NTFS

\\?\Volume{fd269f6a-201e-495f-82c3-31117159c66e}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{d229db94-1e56-4b34-942c-c1c3774d32cb}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{1cb4cf22-7f5d-4701-9a31-d6d669e5103a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 08 led 2021 10:37
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 08 led 2021 11:49
od ave007
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{95E08894-693B-4DF4-A635-C1DDB5BE13E7}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{02DA0BFF-3B75-4B7A-9A8D-6CEBA6E0938B}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B72D122D-B33B-4144-8DF5-87519D80C496}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CC875B89-4E59-43F5-AE90-84A09EFC47C5}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2168 octets] - [08/01/2021 11:46:23]
AdwCleaner[S01].txt - [2229 octets] - [08/01/2021 11:47:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 08 led 2021 14:19
od Rudy
Dejte nové logy FRST+Addition.

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 10:50
od ave007
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by PC (administrator) on DESKTOP-3N07L5T (09-01-2021 10:48:32)
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TEFINCOM S.A. -> ) D:\Program Files (x86)\NordVPN\nordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-02] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97703592 2020-02-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [${_APP_NAME}] => D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32762440 2021-01-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [NordVPN] => D:\Program Files (x86)\NordVPN\NordVPN.exe [1844688 2020-05-28] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-05-02]
ShortcutTarget: CheVolume.lnk -> D:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-12-18]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06FFBEB6-4DA5-4F39-8F0B-AAB139E905DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {20DBED21-5151-4335-B73D-6E1E821680B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EA66AC4-9D96-43DC-97F5-788DF6511AE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A25387-5DAC-4927-AC0E-D5D68AAC24EB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D3D13E8-81F8-4F07-8BFD-3206DC7D4564} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {5484845F-D67B-45DE-B013-B04FCACAC304} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C58382E-E9C8-4458-B7ED-000E3798642A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {615F0DB0-D123-46E1-B889-283DF4C212C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {624D03F5-6285-491F-A14A-2A82FFB522B0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {71F4B82E-7A79-41FC-B97D-EC8624FE1D81} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {807E8A7E-041A-45D2-A694-481FBC938881} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A20C42BE-424E-4A51-9705-CE9B6EF2F6AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A323B995-E4EC-49D8-A1A0-438557D90EB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC3ACC02-D5A0-4715-BE3D-911E40B63F9A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-30] (Adobe Inc. -> Adobe)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {CD4FAC08-D429-4EC7-950A-034FDBB90A5F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {CF85638D-3A8C-4401-A5F9-53A629A54AFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7F25BDC-65CF-449A-800A-15F263C5E640} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAF29880-C928-4D8C-B0AA-BE88F8068071} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F3123CDC-9C8A-4A54-849A-4C141D73842C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8D29B52-4B9F-49DA-B16F-444E97E63BB5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1532312 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e133736-f63e-4bf6-b314-b6da0d61e04a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{80b3939f-55ee-4601-9bcf-5152596a2137}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d5d71ac8-32bd-4498-9b9c-3912d527cda1}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\akhav\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-31]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR Extension: (Překladač Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-02]
CHR Extension: (Prezentace) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-02]
CHR Extension: (Dokumenty) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-02]
CHR Extension: (Disk Google) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-15]
CHR Extension: (YouTube) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-02]
CHR Extension: (Zeus - Degiro Portfolio Manager) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckgeffpapoiemciaenjgbelealaekgic [2020-12-16]
CHR Extension: (Tabulky) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-02]
CHR Extension: (Gmail) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\akhav\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-02] (ESET, spol. s r.o. -> ESET)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; D:\Program Files (x86)\NordVPN\nordvpn-service.exe [244176 2020-05-28] (TEFINCOM S.A. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-07-11] (Twitch Interactive, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [44712 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-08] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-24] (TEFINCOM S.A. -> WireGuard LLC)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-08 17:11 - 2021-01-08 17:20 - 000000107 _____ C:\Users\akhav\Desktop\Nový textový dokument.txt
2021-01-08 11:48 - 2021-01-08 11:48 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-08 11:48 - 2021-01-08 11:48 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-08 11:45 - 2021-01-08 11:47 - 000000000 ____D C:\AdwCleaner
2021-01-08 11:29 - 2021-01-08 11:29 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-08 11:29 - 2021-01-08 11:29 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-08 11:29 - 2021-01-08 11:29 - 000000000 ____D C:\Users\akhav\AppData\Local\mbam
2021-01-08 11:28 - 2021-01-08 11:28 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-08 11:28 - 2021-01-08 11:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-08 11:28 - 2021-01-08 11:28 - 000000000 ____D C:\Program Files\Malwarebytes
2021-01-08 09:06 - 2021-01-09 10:48 - 000000000 ____D C:\FRST
2021-01-07 23:29 - 2021-01-07 23:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-07 23:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-07 23:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-07 23:28 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-07 23:28 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-01-07 23:28 - 2020-12-31 15:03 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-01-03 11:22 - 2021-01-03 11:22 - 000000000 ____D C:\Users\akhav\AppData\Roaming\Macromedia
2020-12-30 20:02 - 2020-12-30 20:02 - 000004608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-30 20:01 - 2020-12-30 20:02 - 000000000 ____D C:\Users\akhav\AppData\Local\Adobe
2020-12-18 16:31 - 2021-01-08 17:20 - 000000000 ____D C:\Users\akhav\AppData\Roaming\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
2020-12-18 16:31 - 2020-12-18 16:31 - 000000000 ____D C:\Program Files (x86)\TREZOR Bridge
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaTrader
2020-12-15 17:57 - 2020-12-15 17:57 - 000000000 ____D C:\Program Files\MetaTrader
2020-12-15 17:50 - 2020-12-15 17:57 - 000000000 ____D C:\Users\akhav\AppData\Roaming\MetaQuotes
2020-12-10 10:29 - 2020-12-10 10:29 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-10 10:29 - 2020-12-10 10:29 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 10:28 - 2020-12-10 10:28 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 10:28 - 2020-12-10 10:28 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 10:28 - 2020-12-10 10:28 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 10:28 - 2020-12-10 10:28 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 10:28 - 2020-12-10 10:28 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-09 10:45 - 2020-04-02 18:39 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-09 10:45 - 2020-04-02 17:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-08 21:25 - 2020-04-02 18:38 - 000000000 ____D C:\WINDOWS\INF
2021-01-08 19:45 - 2020-04-02 17:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-08 19:43 - 2020-04-09 10:01 - 000000000 ____D C:\Users\akhav\AppData\Local\SquirrelTemp
2021-01-08 15:34 - 2020-04-02 17:59 - 000000000 ____D C:\Users\akhav\Desktop\Věci z plochy 2.4.20
2021-01-08 12:30 - 2020-10-06 20:18 - 000001128 _____ C:\Users\akhav\Desktop\RebelBetting.lnk
2021-01-08 12:30 - 2020-08-15 18:16 - 000001878 _____ C:\Users\akhav\Desktop\YMS 3028 Gaming Mouse.lnk
2021-01-08 12:30 - 2020-04-30 22:07 - 000002237 _____ C:\Users\akhav\Desktop\Discord.lnk
2021-01-08 12:30 - 2020-04-02 19:16 - 000002100 _____ C:\Users\akhav\Desktop\BitLord.lnk
2021-01-08 11:54 - 2020-04-02 18:40 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-08 11:54 - 2020-04-02 18:40 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-08 11:54 - 2020-04-02 17:56 - 001693704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-08 11:48 - 2020-04-02 18:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-08 11:48 - 2020-04-02 17:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-08 11:47 - 2020-04-02 18:36 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-08 11:28 - 2020-04-02 18:39 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-08 09:00 - 2020-07-26 20:50 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 00:28 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-07 23:42 - 2020-04-30 22:07 - 000000000 ____D C:\Users\akhav\AppData\Roaming\discord
2021-01-07 23:42 - 2020-04-02 17:48 - 000000000 ____D C:\Users\akhav
2021-01-07 23:34 - 2020-09-18 18:39 - 000000000 ____D C:\Users\akhav\AppData\Local\CrashDumps
2021-01-07 23:28 - 2020-04-03 17:40 - 000000000 ____D C:\Users\akhav\AppData\Local\Battle.net
2021-01-07 23:21 - 2020-04-03 17:42 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2021-01-06 22:23 - 2020-04-02 17:54 - 000000000 ____D C:\Users\akhav\AppData\Local\Packages
2021-01-06 21:33 - 2020-04-03 17:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-01-04 15:26 - 2020-12-03 18:28 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:23 - 2020-03-23 22:09 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-31 15:03 - 2020-03-23 22:09 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-12-31 15:03 - 2020-03-23 22:09 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 10:48 - 2020-04-02 17:46 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-04-02 17:46 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-30 20:02 - 2020-04-02 18:40 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-30 20:02 - 2020-04-02 18:40 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-30 20:02 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-29 00:27 - 2020-04-02 17:46 - 009381947 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-28 13:44 - 2020-04-02 19:17 - 000000000 ____D C:\Users\akhav\AppData\Roaming\BitLord
2020-12-28 13:42 - 2020-04-02 19:17 - 000000000 _____ C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-12-26 14:58 - 2020-04-02 18:01 - 000000000 ____D C:\Users\akhav\Desktop\faktury
2020-12-25 18:39 - 2020-04-08 11:16 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-22 23:02 - 2020-04-02 17:57 - 000000000 ____D C:\Users\akhav\AppData\Local\PlaceholderTileLogoFolder
2020-12-19 12:10 - 2020-06-05 09:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 13:44 - 2020-04-03 08:21 - 000000000 ____D C:\Users\akhav\AppData\Local\D3DSCache
2020-12-17 19:59 - 2020-04-02 17:57 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4158704578-2855211266-1573636166-1001
2020-12-17 19:59 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\OneDrive
2020-12-17 19:59 - 2020-04-02 17:48 - 000002365 _____ C:\Users\akhav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 13:20 - 2020-04-02 17:55 - 000000000 ___RD C:\Users\akhav\3D Objects
2020-12-10 13:20 - 2020-04-02 17:45 - 000637560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 13:19 - 2020-04-02 18:39 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 10:30 - 2020-04-02 18:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories ========

2020-04-02 19:17 - 2020-12-28 13:42 - 000000000 _____ () C:\Users\akhav\AppData\Roaming\bitlord_log.txt
2020-10-12 23:30 - 2020-10-12 23:30 - 000000218 _____ () C:\Users\akhav\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 10:51
od ave007
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by PC (09-01-2021 10:49:20)
Running from D:\Users\akhav\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-04-02 16:54:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4158704578-2855211266-1573636166-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4158704578-2855211266-1573636166-503 - Limited - Disabled)
Guest (S-1-5-21-4158704578-2855211266-1573636166-501 - Limited - Disabled)
PC (S-1-5-21-4158704578-2855211266-1573636166-1001 - Administrator - Enabled) => C:\Users\akhav
WDAGUtilityAccount (S-1-5-21-4158704578-2855211266-1573636166-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitLord 2.2 (HKLM-x32\...\BitLord) (Version: 2.2.1-151 - House of Life)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
DesktopOK (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\DesktopOK) (Version: - hxxp://www.softwareok.com/)
Discord (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
eFootball PES 2021 (HKLM-x32\...\{0A896ED2-FA9C-44BE-875F-559CE4C8780E}_is1) (Version: - KONAMI)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{4DC9121F-BA9A-4A87-A6CA-E53B4FBACB5A}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MetaTrader (HKLM\...\MetaTrader) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
NordVPN (HKLM-x32\...\{11709A5F-F32B-4D68-855A-BDD011BFE57E}) (Version: 6.30.8 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.30.8) (Version: 6.30.8 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
RebelBetting 6.24 (HKLM-x32\...\RebelBetting) (Version: 6.24 - Clarobet AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Twitch Studio (HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
YMS 3028 Gaming Mouse v1.1.0 (HKLM-x32\...\{A7642A36-CB25-429B-8D9A-C13AFD75BA45}_is1) (Version: - )

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Forza Horizon 4 -> D:\Games\Forza Horizon 4 Ultimate Edition\Fh4 [2020-10-29] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2020-10-29] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Games\Forza Horizon 4 Ultimate Edition\FH4_Lego [2020-10-29] (Microsoft Studios)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-12-21] (Instagram)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-03 08:20 - 2020-04-03 08:20 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-03 08:20 - 2020-04-03 08:20 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-10-19 19:25 - 2020-04-03 08:20 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\sharepoint.com -> hxxps://dsfgvx-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-04-02 18:39 - 2020-04-02 18:38 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CheVolume.lnk"
HKLM\...\StartupApproved\Run32: => "${_APP_NAME}"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [TCP Query User{84BAF821-77EA-4DC6-BC34-20A71B5DFAD3}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{941E9434-644E-4BF5-A6B6-C25EB5069E7E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{6C231794-4346-46CD-B931-60F4A86B1EE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E371B97D-DE76-4E58-848D-BA0B4909AB02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E89C72EB-899A-4596-BADA-FBCF8EB17D37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8BE1F0A-52BE-4F95-857F-9FB560BADEC0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46A05C56-3EC3-415A-8662-ED7635FAC766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7B7C4A1-3B04-45BB-AADF-631BC1426599}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{A09848DA-97BA-4E81-8DBB-0ACFBA5739C1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5126286D-8AC8-4BAA-9F18-AFA1BD074AEC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53739D78-0B3E-4AA2-8094-E04A426A2368}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD0913A7-F5E8-4446-8520-CD3186146364}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1198F07B-504F-4C74-83D1-C4EF022A6C00}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4EC302A6-4D7A-4D7A-9169-C4C8BDDB23A3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{5C49E810-1660-49FC-BCD8-247F0A3BF41B}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{FF565594-CF64-4BC0-AB98-DFA9E29F75BB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{36708DDA-36DE-41B0-9C70-30BD04673301}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7D28456-7EED-4BFA-8687-B5E4660A524C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{626D3102-DCCC-429A-B41B-19EFD246E19E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{734E2961-DF5F-400A-9432-59BCEFC2A139}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FEA5534B-F25C-4CD0-A827-491A7A413E9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1CF2829E-4F3C-4C13-BBB5-79929A019EA3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{E52E3F14-6590-46F3-928A-058D658CC173}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{331BA46D-A71F-48ED-9147-4D21B055B329}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{95C2FF12-EB41-4F96-BB13-ED7C2D53165D}] => (Allow) D:\CSko\steamapps\common\Aim Lab\AimLab_tb.exe () [File not signed]
FirewallRules: [{7328F064-77F3-433C-9F53-9BE5B4886B92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{0294A0BA-5A0E-4221-BD5F-ACCDC3D7E4E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{55873549-E966-4CD4-AABC-CA589E02A0DD}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [UDP Query User{36020790-DD8B-4D7E-AE1E-B5565FDA5467}D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe] => (Allow) D:\tennis\tennis.world.tour.2\tennis.world.tour.2\twt2.exe () [File not signed]
FirewallRules: [TCP Query User{343DEEFB-9DE3-4A0F-83FF-EBD8188303CD}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{F40EC23D-CCD6-4973-99E5-F65E8DE0E3BF}D:\program files (x86)\efootball pes 2021\pes2021.exe] => (Allow) D:\program files (x86)\efootball pes 2021\pes2021.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{6869FAB5-F8A7-482E-817E-93BA0ABDF47D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{349D715A-51C3-4A8A-9C05-85750BEB0F71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F8C6D21-5A0F-4458-A9EB-6CA9ACE0A83D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{788A08E3-F5EF-468A-8703-E3DDF6F959E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF8585C3-9365-4A06-9B07-B79DEC0E20CF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DBCCDA3-C53D-4DBF-94F2-91BE9230B0D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4A42693F-533E-4638-BAEB-63E378198B73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{366FACD9-214E-43A4-8EC8-3BD8A5095544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21DD647D-D364-47FB-9857-73ACE5917BBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{405B4F2D-ADE6-4F11-B30C-78FDFD3A1D69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{456A3B40-1E87-47C6-AAB6-5D8535F7A4CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27D3E6D6-FDF7-4A42-94B4-2AD629D7C1BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F248FE6E-9AB0-4032-AB71-CBED9EFB1D0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8DBE8BB-9E76-469E-898F-C9B1AA174DD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FC7A1675-40E4-4DC7-97A3-028DC3653CB3}] => (Allow) C:\Program Files\MetaTrader\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Software Corp.)
FirewallRules: [{D86D2996-2471-4242-A3F6-46F5FBAD99D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ADD04F4-5E1E-48DA-91BE-082BE8D6CE36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D97AA5E0-AEEF-46AB-A3B7-25100AC820BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CB3F74D8-1B3F-4829-BA4D-FAEA8E995ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3FEC57F5-386A-48F2-BD84-4CFAD60B1AF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5893AEC-FFF3-43B5-875E-06E1A871854D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A03C760-EA9C-460C-8869-B378E0A74D5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0685F193-87DA-4F53-A9C2-C39D371BA215}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-01-2021 13:42:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Ultra Virtual USB Bus
Description: DAEMON Tools Ultra Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtultrausbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Ultra Virtual SCSI Bus
Description: DAEMON Tools Ultra Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtultrascsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2021 10:30:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3744,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 09:30:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10616,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 09:23:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 08:00:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11588,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 07:54:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4476,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-3N07L5T.local.

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.1:5353 25 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DESKTOP-3N07L5T-2.local.

Error: (01/08/2021 07:43:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 4.F.0.B.9.E.E.A.E.6.D.F.C.8.9.E.6.F.2.6.D.1.D.8.8.2.0.1.0.0.A.2.ip6.arpa. PTR DESKTOP-3N07L5T.local.


System errors:
=============
Error: (01/09/2021 06:12:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 07:44:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 07:43:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 12:27:12 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Apple Mobile Device Ethernet #2, {6d303d7c-0c09-47c9-95e8-b7a6d7db595e}, došlo k události 76.

Error: (01/08/2021 12:18:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:49:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:48:18 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3N07L5T)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2021 11:47:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-08-13 23:55:29.230
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73FAA1C-A140-4B3D-B11C-0AFDC064BE1C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-08-13 23:09:55.203
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D707B9AF-00DD-4725-835D-0CB28B2D207D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-07-03 22:18:29.702
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8DB71C9B-37FF-4450-82AE-1EAAD1AEDDB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2021-01-09 10:48:51.070
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:51.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.645
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.049
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:31.048
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:24.286
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-09 10:48:24.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1205 05/11/2018
Motherboard: ASUSTeK COMPUTER INC. STRIX B250G GAMING
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 28%
Total physical RAM: 16329.22 MB
Available physical RAM: 11724.72 MB
Total Virtual: 27081.22 MB
Available Virtual: 20028.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.51 GB) (Free:27.89 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1243.69 GB) NTFS

\\?\Volume{fd269f6a-201e-495f-82c3-31117159c66e}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{d229db94-1e56-4b34-942c-c1c3774d32cb}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{1cb4cf22-7f5d-4701-9a31-d6d669e5103a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 11:21
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)

EmptyTemp:
End
Uložte do D:\Users\akhav\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 21:46
od ave007
Zdravím!
Bohužel po restartu se žádný log nezobrazil

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 21:46
od ave007
tak jsem našel ručně :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by PC (09-01-2021 21:43:20) Run:1
Running from D:\Users\akhav\Downloads
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe] => (Allow) C:\program files (x86)\origin games\fifa 20\fifa20.exe => No File
FirewallRules: [{839005A5-42C9-49D4-877F-B2F771C89119}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{E94D53E7-D9C6-4128-9834-97ABB648FAFC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 20\FIFASetup\fifaconfig.exe => No File
FirewallRules: [{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
FirewallRules: [{5C8D1195-6401-4465-917C-970EE1802CE9}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll => No File
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {0bf88ee0-12c9-11eb-878b-6045cb7226b1} - "E:\setup.exe"
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\...\MountPoints2: {cd80bf90-1831-11eb-878c-6045cb7226b1} - "E:\setup.exe"
Task: {4F65E85A-DF52-42CE-BF80-0032F1A2CCE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)
Task: {C0150820-0A64-42D2-BFD6-099868C9CFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-02] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B4742DD2-ED98-4E28-9793-F1B4C6F75583}C:\program files (x86)\origin games\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFDB17F7-1345-4A53-B769-DF790D7E8CA8}C:\program files (x86)\origin games\fifa 20\fifa20.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{839005A5-42C9-49D4-877F-B2F771C89119}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E94D53E7-D9C6-4128-9834-97ABB648FAFC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF2E3568-12D6-48DE-8552-6DB44A0D56D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C8D1195-6401-4465-917C-970EE1802CE9}" => removed successfully
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bf88ee0-12c9-11eb-878b-6045cb7226b1} => removed successfully
HKU\S-1-5-21-4158704578-2855211266-1573636166-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd80bf90-1831-11eb-878c-6045cb7226b1} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F65E85A-DF52-42CE-BF80-0032F1A2CCE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F65E85A-DF52-42CE-BF80-0032F1A2CCE8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0150820-0A64-42D2-BFD6-099868C9CFE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0150820-0A64-42D2-BFD6-099868C9CFE9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 145292870 B
Java, Flash, Steam htmlcache => 31996459 B
Windows/system/drivers => 12827271 B
Edge => 0 B
Chrome => 335679075 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 91956 B
NetworkService => 91956 B
akhav => 36846676 B

RecycleBin => 0 B
EmptyTemp: => 546.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:43:31 ====

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 09 led 2021 21:53
od Rudy
Někdy se to stane. Bylo smazáno. Nastala nějaká změna?

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 10 led 2021 11:00
od ave007
Řekl bych, že je to o něco lepší

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 10 led 2021 11:14
od Rudy
Zkuste ještě defragmentovat disk.

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 10 led 2021 11:30
od ave007
systémové SSD?

Re: Zpomalené PC - Děkuji za pomoc

Napsal: 10 led 2021 12:26
od Rudy
OK, takže nic. Defragmentujte tedy alespoň registry: https://www.stahuj.cz/utility_a_ostatni ... ry-defrag/ .
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz