Zpomalení notebooaku při staru
Napsal: 24 dub 2021 11:53
Dobrý den
Prosím o kontrolu logu. stává se mi často že se mi notebooak strašně pomalu spouští. Trvá to minuty. Jindy naběhne v celku normálně. Nevím co by to mohlo způsobovat.
Děkuji předem Bucek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Karel (24-04-2021 12:43:36)
Running from C:\Users\Karel\Downloads
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-12-15 17:13:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2206319702-2973068575-2851948494-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2206319702-2973068575-2851948494-503 - Limited - Disabled)
Guest (S-1-5-21-2206319702-2973068575-2851948494-501 - Limited - Disabled)
Karel (S-1-5-21-2206319702-2973068575-2851948494-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-2206319702-2973068575-2851948494-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{4aba1eab-3222-4eec-b751-fcc490bf0327}) (Version: 7.5.3430.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.5.3430.0 - Adguard Software Ltd) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Battlefield 4 (HKLM-x32\...\Battlefield 4_is1) (Version: - )
Drive Recorder Player (HKLM-x32\...\{CF01A21A-3EC1-43BE-BD99-4BC36A44BDDA}) (Version: 2.5.3 - Drive Recorder Player)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.85 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
i-Look 317 (HKLM-x32\...\{D8B883E4-DF64-4A91-B785-08FC9B78923D}) (Version: 1.0.0.14 - KYE)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.46 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Remote Mouse version 3.015 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.015 - Remote Mouse)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
V380.1.2.4.767 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.2.4.767 - M@cro-video Technologies Co.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Wargaming.net Game Center) (Version: 21.2.0.4803 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks Common Test (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.CT.PRODUCTION) (Version: - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks Sandbox (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.SB.PRODUCTION) (Version: - Wargaming.net)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Studios) [MS Ad]
Remote Mouse -> C:\Program Files\WindowsApps\47900RemoteMouseTeam.486280E3D6CF9_3.0.0.0_x86__8nfdqpawkhd26 [2020-08-25] (Remote Mouse Team)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0 [2021-04-22] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-03-29 16:25 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-10-13 19:55 - 2019-04-19 17:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://live.retetv.cz/watch-tv
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\Downloads\IMG_1766.JPG
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{A0B9A70F-9615-4AE1-814E-8F489D0F2C65}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12124292-B3A4-450F-A424-682DE2452ED0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15F5F6C1-6113-4AB2-ABBA-9C85EABD0D33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACFBA099-67B5-49D3-B907-E5B6C70968DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D229B291-7E3C-4F95-82E1-51C7301C983F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FEF2751-CAD5-4476-9F60-E2F6B5BD896C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2A62F4A-8A51-4BA0-B047-287140E12A68}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE6C11D4-627B-46CF-97C8-96F34951F4C2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABBA4A50-91BE-435D-9AC8-A765B0936DFD}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{FB0728A7-29A3-4B96-A15F-D17E7E841FC5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{33011A7C-459E-46CD-A9EA-5A98CCCAE21D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{58A0A0FB-D502-4D9B-BCDB-16A1D5651D35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{B535A512-5488-4FA7-AD48-88B92AF8098C}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{D709A6DA-F6E4-4E6F-B099-35ACEF4B8BA8}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [UDP Query User{7654EB22-F107-4781-B96C-A9876C81E877}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [TCP Query User{093C971C-DC17-4087-954E-2262BFF5AF95}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{47FE237B-CA7F-4A56-82BD-644608D54948}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [TCP Query User{3356BF5C-16F0-46D6-BFB6-FFD19D5B01AB}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D4B73EDD-A583-47D2-9423-F9A8D70C015D}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{0BA12D52-809F-4ABF-AA4B-171AEF94C2F1}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{0A7EA1EF-BC60-4715-9760-EFABBF43A43C}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{D78630BB-5A7F-49A1-82CB-45A4D386FA9B}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{57DA0179-71A9-40AB-9F8F-E69850C61A1B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{87F777E2-EAB8-4E42-B2CE-3883E1371A0B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6C2D337B-7F56-41B1-ADA1-E6E7D13412B1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B7D6704A-B7A0-4FA8-9DA7-84FF52CB552A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7A4B2D30-3EEF-411C-B8BB-B354F9E15EFF}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAFE3BFC-EA8B-4638-A361-9AD306B29FEC}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F3FE886C-AE99-462C-9D08-9DFDF89562D5}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{ACE695EB-3AFD-4096-BA0B-694F0D752B01}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{558FA919-FEF3-4BAF-B1EF-B62C1B955683}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{95612BD8-74F2-4658-8A98-AE72058E1FEC}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{17CCE579-95CB-426C-B781-61C0A4C15059}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EC38E69-3B81-4E0E-8DF2-13424A0BEDD8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E4B090-B699-4183-AFDB-A54711208580}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F7FCE55-F582-4C7F-9CF6-B244DF4375C7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3E9B13E2-37A4-4B98-BB1B-3D8EDBC28A20}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A62BECC8-ED7F-4604-B71A-2E012F335982}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0086B9DF-1B61-4700-87A2-16B4F8A7B48C}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A36D37E-708C-4E7A-B241-1A9A33C82175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87A76B14-F509-4506-9CD1-ED3B9A0D25D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AA9A02D9-EDD6-4B5B-824B-D2E68BAA866D}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [UDP Query User{9E88B1F7-BC2A-4E5B-953D-9D03C8244641}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{B932F9A2-16FC-421F-96C1-9C04B000C0FB}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [TCP Query User{D05BCB2F-3431-46CA-8156-381AFEC420A5}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{645EA0DA-7A44-4122-9682-7CE394178C8D}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1D2F4952-F98C-4993-AA24-BD3093A31B7B}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{40704D35-E765-469D-BC15-FF3448F6AF24}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{28FC7AB5-C068-46CB-A140-9C9954FD070D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A69B047-1D5D-4975-962B-267A171F25B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C817D25-6D6B-45CB-A314-2E8A845D4FA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BD27152-2517-4CB2-B6EA-B47A0B2AF28E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D8DADDE-4FF3-4A66-B67B-ABAB4BEF2CEE}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0FD72681-95E0-4DFF-A77D-585915ECB3D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{378452E0-5377-4021-8F62-43844C1B6492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4355561D-16B4-4076-A13C-AEE51A35692E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADFB7704-BF13-444E-B5B0-9571C68D09E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79ECC70F-E9F7-4733-8C20-3ACCAAE8C7CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CED8D8AA-5946-4B9F-87BC-6330B566DBEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B15526-F77C-4D9A-9441-877CECA98449}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEF943C2-5477-48DC-9CF8-429C2C6B2A22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A4F21D9B-50DF-495E-9DDD-D5CD355D9442}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-04-2021 17:47:13 Naplánovaný kontrolní bod
16-04-2021 19:43:11 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2021 01:37:31 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/23/2021 07:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.521.3093.0, časové razítko: 0x6047c0e0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b2dc
ID chybujícího procesu: 0x28d8
Čas spuštění chybující aplikace: 0x01d7377c3b35e731
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ab84da0d-35e0-4960-be59-caf8e2054f53
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (04/22/2021 07:42:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/18/2021 12:55:55 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/17/2021 03:57:46 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
Source: Microsoft.VisualBasic
Stack trace: v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/16/2021 07:43:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/09/2021 03:39:43 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/08/2021 07:37:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (04/22/2021 06:26:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/22/2021 03:02:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.
Error: (04/17/2021 04:16:06 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Biometrická služba systému Windows se po přijetí pokynu pro vypnutí neukončila správně.
Error: (04/14/2021 08:07:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.335.854.0).
Error: (04/08/2021 06:43:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/05/2021 04:32:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/05/2021 04:31:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/31/2021 04:35:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-04-16 14:18:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {75C3B5D3-03BC-475A-BDF9-35EC3D7664B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-13 15:02:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5903105-359A-4F32-9831-AFDB20C62E02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-11 14:39:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92B960BD-3124-4B3F-9D4E-D8B588690BC6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-08 17:46:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0241039E-54B8-41B6-BA42-7747FE05EA64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-08 12:31:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4DA6C153-793A-4866-9303-F907665CA37C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-03-16 15:33:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.472.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2021-03-13 22:03:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\chrome_elf.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-17 21:35:57
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2021-01-17 21:34:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde F.00 05/27/2013
Motherboard: Hewlett-Packard 1967
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 7964.03 MB
Available physical RAM: 3012.62 MB
Total Virtual: 9884.03 MB
Available Virtual: 3375.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.27 GB) (Free:539.58 GB) NTFS
Drive f: (NOVÝ SVAZEK) (Fixed) (Total:22.35 GB) (Free:22.34 GB) FAT32
\\?\Volume{ec2999ac-fa58-4d8f-b6b6-826e1bb89603}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{49c84e18-2197-4ed3-bb64-174b03a37ebe}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5726e69-c4e7-4999-a74d-dc61a56a07b2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 373BA8B4)
Partition: GPT.
==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9BD31F4E)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Karel (administrator) on DESKTOP-4BNP6E3 (Hewlett-Packard HP ENVY 15 Notebook PC) (24-04-2021 12:36:24)
Running from C:\Users\Karel\Downloads
Loaded Profiles: Karel
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() [File not signed] C:\Windows\SysWOW64\UTSCSI.EXE
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.BrowserExtensionHost.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.85\Installer\chrmstp.exe [2021-04-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BA9EBF8-7B2A-41F0-B963-5555711EE9DD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B47DE31-46CD-4316-A103-3863EDE5B5AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F4379E-4696-4E45-A933-FAE49045921A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6477BF9B-9FDB-4FAF-B52F-E33121DBA720} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {849CAA7C-21CA-424C-BBC9-ACCC72DCD567} - System32\Tasks\Opera scheduled Autoupdate 1606832561 => C:\Users\Karel\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {8CB7E890-7041-436B-9283-5D76823D2E8A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2884984 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {9D34221E-9AC7-4348-B845-73E78BC001EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9D822505-C1B4-40A3-843E-6255741B4688} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1FAE0A4-5B48-4BD4-B7C8-BAE2156B2CC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF05E4B6-25C6-4404-8DCF-78CEF1F7EE5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2E13539-25DC-43E8-ABE9-5FFA7DBC8EDB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6981BCB-692E-4908-B72E-088385D94346} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C4C799F6-1C96-41F1-9618-9F3ECB3EB4BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C70EC979-D2B6-49F1-98CD-1B6B591C2FCC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D58A0152-43DE-40BF-A21C-F2A202C363B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1606832561" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {D980F95D-962E-46E4-9FB4-2E02C2B0241A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC4BCEBA-11EC-4679-AE90-304C98B021A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {F9546E58-67D7-41AB-92ED-48ABF91A7614} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0d693702-71d4-4e64-8029-1d19634f5829}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0f816ee8-97d9-41b9-8ceb-3dd696d625f9}: [DhcpNameServer] 10.100.0.63 10.100.0.65
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-14]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2021-04-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://meet.google.com; hxxps://www.mall.tv; hxxps://www.steersearch.com; hxxps://www17.darenjarvis.pro; hxxps://www1a.delmarmora.pro; hxxps://www1a.moshemartin.pro; hxxps://www1a.rudyvalencia.pro; hxxps://www1a.samcunningham.pro; hxxps://www21.elbaestes.pro; hxxps://www2a.michellehardin.pro; hxxps://www2a.rudyvalencia.pro; hxxps://www35.darenjarvis.pro; hxxps://www3a.samcunningham.pro; hxxps://www44.todhamilton.pro; hxxps://www50.elbaestes.pro; hxxps://www9.darenjarvis.pro
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-09]
CHR Extension: (Dokumenty) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-09]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-09]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-03-04]
CHR Extension: (Tabulky) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Weather Underground) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2020-03-12]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-25]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileSyncHelper.exe [2218872 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2457520 2020-10-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\OneDriveUpdaterService.exe [2603368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2020-10-23] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2020-10-29] (IVT CORPORATION -> IVT Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [934896 2020-10-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-24 12:36 - 2021-04-24 12:38 - 000027097 _____ C:\Users\Karel\Downloads\FRST.txt
2021-04-24 12:35 - 2021-04-24 12:37 - 000000000 ____D C:\FRST
2021-04-24 12:33 - 2021-04-24 12:33 - 002298368 _____ (Farbar) C:\Users\Karel\Downloads\FRST64.exe
2021-04-23 19:19 - 2021-04-23 19:19 - 002772210 _____ C:\Users\Karel\Downloads\Photos (15).zip
2021-04-22 15:04 - 2021-04-22 15:04 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-17 11:38 - 2021-04-17 11:38 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-17 11:38 - 2021-04-17 11:38 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-17 11:37 - 2021-04-19 15:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-17 11:37 - 2021-04-17 11:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-17 11:35 - 2021-04-17 11:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-17 11:34 - 2021-04-17 11:35 - 205090224 _____ (Malwarebytes) C:\Users\Karel\Downloads\mb4-setup-consumer-4.3.0.210-1.0.1173-1.0.37263.exe
2021-04-16 20:58 - 2021-04-16 20:58 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 20:57 - 2021-04-16 20:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 20:56 - 2021-04-16 20:56 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 11:13 - 2021-04-16 11:13 - 000510026 _____ C:\Users\Karel\Downloads\2203589099.pdf
2021-04-08 19:45 - 2021-04-22 15:02 - 088342528 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-02 20:15 - 2021-04-02 20:15 - 008489331 _____ C:\Users\Karel\Downloads\Photos (13).zip
2021-04-02 20:15 - 2021-04-02 20:15 - 004179157 _____ C:\Users\Karel\Downloads\Photos (14).zip
2021-03-30 20:28 - 2021-03-30 20:28 - 000030147 _____ C:\Users\Karel\Downloads\ceník-duben-2021-23.xlsx
2021-03-29 19:06 - 2021-03-29 19:06 - 001241215 _____ C:\Users\Karel\Downloads\prilohy_81872.zip
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Roaming\Zoner
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Local\Zoner
2021-03-29 16:27 - 2014-12-26 00:31 - 000000000 ____D C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri
2021-03-29 16:26 - 2021-03-29 16:26 - 000001991 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000001985 _____ C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000000000 ____D C:\ProgramData\Zoner
2021-03-29 16:25 - 2021-03-29 16:28 - 000000000 ____D C:\Program Files\Zoner
2021-03-29 16:24 - 2021-03-29 16:24 - 080570448 _____ (ZONER software ) C:\Users\Karel\Downloads\zps17_cz.exe
2021-03-29 16:23 - 2021-03-29 16:23 - 000195433 _____ C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri (1).exe
2021-03-28 12:40 - 2021-03-28 12:42 - 028821233 _____ C:\Users\Karel\Downloads\Photos (12).zip
2021-03-28 11:50 - 2021-03-28 11:51 - 011728766 _____ C:\Users\Karel\Downloads\Photos (11).zip
2021-03-28 11:39 - 2021-03-28 11:42 - 117254506 _____ C:\Users\Karel\Downloads\Photos (10).zip
2021-03-27 20:45 - 2021-03-27 20:45 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar (1).webp
2021-03-27 20:43 - 2021-03-27 20:43 - 000113626 _____ C:\Users\Karel\Downloads\391535-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:42 - 2021-03-27 20:42 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:39 - 2021-03-27 20:39 - 000530423 _____ C:\Users\Karel\Downloads\jaza.html
2021-03-27 20:39 - 2021-03-27 20:39 - 000000000 ____D C:\Users\Karel\Downloads\jaza_files
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-24 12:39 - 2020-12-01 16:33 - 000000000 ____D C:\ProgramData\Adguard
2021-04-24 12:33 - 2020-06-03 23:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-24 12:33 - 2020-06-03 23:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-24 12:28 - 2020-03-09 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-24 12:27 - 2020-12-15 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 01:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-23 20:13 - 2020-12-15 19:12 - 000005264 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3
2021-04-23 19:17 - 2020-03-09 20:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-23 19:17 - 2020-03-09 20:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-23 19:14 - 2020-12-15 18:53 - 000000000 ____D C:\Users\Karel
2021-04-23 19:11 - 2020-03-12 13:35 - 000000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2021-04-22 15:18 - 2020-05-01 12:56 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 15:09 - 2020-12-15 19:12 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 15:09 - 2020-12-15 19:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-22 15:07 - 2020-03-09 20:03 - 000000000 ___RD C:\Users\Karel\OneDrive
2021-04-22 15:06 - 2021-02-03 08:57 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-04-22 15:04 - 2020-03-09 19:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-22 15:04 - 2020-03-09 19:56 - 000000000 __SHD C:\Users\Karel\IntelGraphicsProfiles
2021-04-22 15:03 - 2020-12-15 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-22 15:03 - 2020-12-15 18:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-22 15:03 - 2020-03-09 20:12 - 000000000 ____D C:\ProgramData\Synaptics
2021-04-22 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-22 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 13:09 - 2020-12-15 19:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 13:09 - 2019-12-07 16:43 - 000683540 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-18 13:09 - 2019-12-07 16:43 - 000137320 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-18 13:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-17 11:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-17 04:18 - 2020-12-15 18:46 - 000442088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 04:14 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 20:55 - 2020-12-15 18:51 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 20:11 - 2020-03-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 20:08 - 2020-03-14 18:00 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 19:55 - 2020-03-13 21:14 - 000000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2021-04-13 07:22 - 2021-01-12 10:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d303b1e92f93
2021-04-13 07:22 - 2020-12-15 19:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-11 10:13 - 2020-03-09 19:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 19:45 - 2021-01-18 23:20 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-08 18:46 - 2020-03-12 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-04-08 17:35 - 2020-12-15 19:12 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-04-08 17:35 - 2020-03-12 15:54 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-31 22:23 - 2020-03-09 19:54 - 000000000 ____D C:\Users\Karel\AppData\Local\Packages
2021-03-28 21:43 - 2020-03-09 20:06 - 000000000 ____D C:\Users\Karel\AppData\Local\Comms
==================== Files in the root of some directories ========
2020-11-13 18:05 - 2020-11-13 18:05 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2020-03-12 13:42 - 2020-03-12 13:42 - 000000410 _____ () C:\Users\Karel\AppData\Local\oobelibMkey.log
2020-12-01 16:19 - 2020-12-01 16:19 - 000016438 _____ () C:\Users\Karel\AppData\Local\partner.bmp
2020-08-18 21:55 - 2020-08-18 21:55 - 000000017 _____ () C:\Users\Karel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Prosím o kontrolu logu. stává se mi často že se mi notebooak strašně pomalu spouští. Trvá to minuty. Jindy naběhne v celku normálně. Nevím co by to mohlo způsobovat.
Děkuji předem Bucek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by Karel (24-04-2021 12:43:36)
Running from C:\Users\Karel\Downloads
Windows 10 Pro Version 20H2 19042.928 (X64) (2020-12-15 17:13:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2206319702-2973068575-2851948494-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2206319702-2973068575-2851948494-503 - Limited - Disabled)
Guest (S-1-5-21-2206319702-2973068575-2851948494-501 - Limited - Disabled)
Karel (S-1-5-21-2206319702-2973068575-2851948494-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-2206319702-2973068575-2851948494-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AdGuard (HKLM-x32\...\{4aba1eab-3222-4eec-b751-fcc490bf0327}) (Version: 7.5.3430.0 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.5.3430.0 - Adguard Software Ltd) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Battlefield 4 (HKLM-x32\...\Battlefield 4_is1) (Version: - )
Drive Recorder Player (HKLM-x32\...\{CF01A21A-3EC1-43BE-BD99-4BC36A44BDDA}) (Version: 2.5.3 - Drive Recorder Player)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.85 - Google LLC)
HappyFoto (HKLM-x32\...\{621A70CA-32A5-4F50-A66C-C9C792580415}_is1) (Version: - Happy Foto CZ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
i-Look 317 (HKLM-x32\...\{D8B883E4-DF64-4A91-B785-08FC9B78923D}) (Version: 1.0.0.14 - KYE)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.46 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Remote Mouse version 3.015 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.015 - Remote Mouse)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
V380.1.2.4.767 (HKLM-x32\...\{8C07FBB4-BE5E-4FD7-B34B-80B052D44882}_is1) (Version: 1.2.4.767 - M@cro-video Technologies Co.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Wargaming.net Game Center) (Version: 21.2.0.4803 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
World of Tanks Common Test (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.CT.PRODUCTION) (Version: - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Tanks Sandbox (HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\WOT.SB.PRODUCTION) (Version: - Wargaming.net)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-20] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Studios) [MS Ad]
Remote Mouse -> C:\Program Files\WindowsApps\47900RemoteMouseTeam.486280E3D6CF9_3.0.0.0_x86__8nfdqpawkhd26 [2020-08-25] (Remote Mouse Team)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0 [2021-04-22] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-03-29 16:25 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2020-10-13 19:55 - 2019-04-19 17:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://live.retetv.cz/watch-tv
SearchScopes: HKU\S-1-5-21-2206319702-2973068575-2851948494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\Downloads\IMG_1766.JPG
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EC1E7945-0749-4545-9E50-680A592E522A}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{A0B9A70F-9615-4AE1-814E-8F489D0F2C65}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12124292-B3A4-450F-A424-682DE2452ED0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15F5F6C1-6113-4AB2-ABBA-9C85EABD0D33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACFBA099-67B5-49D3-B907-E5B6C70968DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D229B291-7E3C-4F95-82E1-51C7301C983F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FEF2751-CAD5-4476-9F60-E2F6B5BD896C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2A62F4A-8A51-4BA0-B047-287140E12A68}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE6C11D4-627B-46CF-97C8-96F34951F4C2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABBA4A50-91BE-435D-9AC8-A765B0936DFD}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{FB0728A7-29A3-4B96-A15F-D17E7E841FC5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{33011A7C-459E-46CD-A9EA-5A98CCCAE21D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{58A0A0FB-D502-4D9B-BCDB-16A1D5651D35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{B535A512-5488-4FA7-AD48-88B92AF8098C}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{D709A6DA-F6E4-4E6F-B099-35ACEF4B8BA8}] => (Block) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [UDP Query User{7654EB22-F107-4781-B96C-A9876C81E877}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [TCP Query User{093C971C-DC17-4087-954E-2262BFF5AF95}C:\program files (x86)\v380\v380.exe] => (Allow) C:\program files (x86)\v380\v380.exe (M@cro-video Technologies Co. -> ) [File not signed]
FirewallRules: [{B0BEC8B6-49F2-4A83-BE41-0A5CA31D768F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [UDP Query User{47FE237B-CA7F-4A56-82BD-644608D54948}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [TCP Query User{3356BF5C-16F0-46D6-BFB6-FFD19D5B01AB}C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe] => (Allow) C:\program files\windowsapps\47900remotemouseteam.486280e3d6cf9_3.0.0.0_x86__8nfdqpawkhd26\remotemouse\remotemouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D4B73EDD-A583-47D2-9423-F9A8D70C015D}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{0BA12D52-809F-4ABF-AA4B-171AEF94C2F1}C:\games\battlefield 4\bf4_offline.exe] => (Allow) C:\games\battlefield 4\bf4_offline.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{0A7EA1EF-BC60-4715-9760-EFABBF43A43C}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{D78630BB-5A7F-49A1-82CB-45A4D386FA9B}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{E7ABEBD2-AFA6-46D1-86DA-2EB3F0C463CF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{C0207B04-7F07-495F-A8E1-66EE9A17DC7B}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{57DA0179-71A9-40AB-9F8F-E69850C61A1B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{87F777E2-EAB8-4E42-B2CE-3883E1371A0B}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6C2D337B-7F56-41B1-ADA1-E6E7D13412B1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B7D6704A-B7A0-4FA8-9DA7-84FF52CB552A}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7A4B2D30-3EEF-411C-B8BB-B354F9E15EFF}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{DAFE3BFC-EA8B-4638-A361-9AD306B29FEC}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{F3FE886C-AE99-462C-9D08-9DFDF89562D5}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{ACE695EB-3AFD-4096-BA0B-694F0D752B01}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{558FA919-FEF3-4BAF-B1EF-B62C1B955683}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{95612BD8-74F2-4658-8A98-AE72058E1FEC}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{17CCE579-95CB-426C-B781-61C0A4C15059}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EC38E69-3B81-4E0E-8DF2-13424A0BEDD8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E4B090-B699-4183-AFDB-A54711208580}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F7FCE55-F582-4C7F-9CF6-B244DF4375C7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3E9B13E2-37A4-4B98-BB1B-3D8EDBC28A20}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A62BECC8-ED7F-4604-B71A-2E012F335982}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0086B9DF-1B61-4700-87A2-16B4F8A7B48C}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9A36D37E-708C-4E7A-B241-1A9A33C82175}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{87A76B14-F509-4506-9CD1-ED3B9A0D25D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{AA9A02D9-EDD6-4B5B-824B-D2E68BAA866D}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [UDP Query User{9E88B1F7-BC2A-4E5B-953D-9D03C8244641}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Allow) C:\program files (x86)\relevantknowledge\rlvknlg.exe => No File
FirewallRules: [TCP Query User{01493225-4413-4111-AAE3-B4DA717FE717}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [UDP Query User{B45CB2CB-25EC-4348-B060-C4A97C074CA4}C:\program files\avast software\avast\avastui.exe] => (Allow) C:\program files\avast software\avast\avastui.exe => No File
FirewallRules: [{B932F9A2-16FC-421F-96C1-9C04B000C0FB}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [TCP Query User{D05BCB2F-3431-46CA-8156-381AFEC420A5}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{645EA0DA-7A44-4122-9682-7CE394178C8D}C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{1D2F4952-F98C-4993-AA24-BD3093A31B7B}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{40704D35-E765-469D-BC15-FF3448F6AF24}] => (Block) C:\games\world_of_tanks_sandbox\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{28FC7AB5-C068-46CB-A140-9C9954FD070D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A69B047-1D5D-4975-962B-267A171F25B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C817D25-6D6B-45CB-A314-2E8A845D4FA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BD27152-2517-4CB2-B6EA-B47A0B2AF28E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D8DADDE-4FF3-4A66-B67B-ABAB4BEF2CEE}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{0FD72681-95E0-4DFF-A77D-585915ECB3D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{378452E0-5377-4021-8F62-43844C1B6492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4355561D-16B4-4076-A13C-AEE51A35692E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADFB7704-BF13-444E-B5B0-9571C68D09E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79ECC70F-E9F7-4733-8C20-3ACCAAE8C7CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CED8D8AA-5946-4B9F-87BC-6330B566DBEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27B15526-F77C-4D9A-9441-877CECA98449}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEF943C2-5477-48DC-9CF8-429C2C6B2A22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A4F21D9B-50DF-495E-9DDD-D5CD355D9442}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-04-2021 17:47:13 Naplánovaný kontrolní bod
16-04-2021 19:43:11 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2021 01:37:31 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/23/2021 07:10:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.521.3093.0, časové razítko: 0x6047c0e0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b2dc
ID chybujícího procesu: 0x28d8
Čas spuštění chybující aplikace: 0x01d7377c3b35e731
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ab84da0d-35e0-4960-be59-caf8e2054f53
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (04/22/2021 07:42:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/18/2021 12:55:55 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/17/2021 03:57:46 AM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
Source: Microsoft.VisualBasic
Stack trace: v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/16/2021 07:43:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/09/2021 03:39:43 PM) (Source: Adguard) (EventID: 0) (User: )
Description: Switching logger to invalid state because of System.ObjectDisposedException: K zavřenému souboru nelze přistupovat.
Source: mscorlib
Stack trace: v System.IO.__Error.FileNotOpen()
v System.IO.FileStream.get_Length()
v Microsoft.VisualBasic.Logging.FileLogTraceListener.ResourcesAvailable(Int64 newEntrySize)
v Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(String message)
v omX9iF1cQtp6TYX8MDA.qYRbCoxd0(Object , String , omX9iF1cQtp6TYX8MDA )
v Adguard.Commons.Utils.Logger.QigljtVYvH(TraceLevel , Object )
Error: (04/08/2021 07:37:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (04/22/2021 06:26:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/22/2021 03:02:22 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.
Error: (04/17/2021 04:16:06 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Biometrická služba systému Windows se po přijetí pokynu pro vypnutí neukončila správně.
Error: (04/14/2021 08:07:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.335.854.0).
Error: (04/08/2021 06:43:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/05/2021 04:32:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/05/2021 04:31:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/31/2021 04:35:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4BNP6E3)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-04-16 14:18:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {75C3B5D3-03BC-475A-BDF9-35EC3D7664B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-13 15:02:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5903105-359A-4F32-9831-AFDB20C62E02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-11 14:39:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92B960BD-3124-4B3F-9D4E-D8B588690BC6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-08 17:46:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0241039E-54B8-41B6-BA42-7747FE05EA64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-08 12:31:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4DA6C153-793A-4866-9303-F907665CA37C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-03-16 15:33:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.472.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2021-03-13 22:03:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\chrome_elf.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-17 21:35:57
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2021-01-17 21:34:15
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde F.00 05/27/2013
Motherboard: Hewlett-Packard 1967
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 7964.03 MB
Available physical RAM: 3012.62 MB
Total Virtual: 9884.03 MB
Available Virtual: 3375.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.27 GB) (Free:539.58 GB) NTFS
Drive f: (NOVÝ SVAZEK) (Fixed) (Total:22.35 GB) (Free:22.34 GB) FAT32
\\?\Volume{ec2999ac-fa58-4d8f-b6b6-826e1bb89603}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{49c84e18-2197-4ed3-bb64-174b03a37ebe}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5726e69-c4e7-4999-a74d-dc61a56a07b2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 373BA8B4)
Partition: GPT.
==========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 9BD31F4E)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Karel (administrator) on DESKTOP-4BNP6E3 (Hewlett-Packard HP ENVY 15 Notebook PC) (24-04-2021 12:36:24)
Running from C:\Users\Karel\Downloads
Loaded Profiles: Karel
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() [File not signed] C:\Windows\SysWOW64\UTSCSI.EXE
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.BrowserExtensionHost.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5703528 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2206319702-2973068575-2851948494-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.85\Installer\chrmstp.exe [2021-04-23] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BA9EBF8-7B2A-41F0-B963-5555711EE9DD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B47DE31-46CD-4316-A103-3863EDE5B5AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F4379E-4696-4E45-A933-FAE49045921A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6477BF9B-9FDB-4FAF-B52F-E33121DBA720} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {849CAA7C-21CA-424C-BBC9-ACCC72DCD567} - System32\Tasks\Opera scheduled Autoupdate 1606832561 => C:\Users\Karel\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-03-03] (Opera Software AS -> Opera Software)
Task: {8CB7E890-7041-436B-9283-5D76823D2E8A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2884984 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {907B5A07-54F2-402A-B255-474D08309EEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {9D34221E-9AC7-4348-B845-73E78BC001EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9D822505-C1B4-40A3-843E-6255741B4688} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A1FAE0A4-5B48-4BD4-B7C8-BAE2156B2CC0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF05E4B6-25C6-4404-8DCF-78CEF1F7EE5A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2E13539-25DC-43E8-ABE9-5FFA7DBC8EDB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6981BCB-692E-4908-B72E-088385D94346} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C4C799F6-1C96-41F1-9618-9F3ECB3EB4BE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C70EC979-D2B6-49F1-98CD-1B6B591C2FCC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D58A0152-43DE-40BF-A21C-F2A202C363B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\OneDrive Per-Machine Standalone Update Task" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1606832561" /ENABLE
Task: {D788444E-6D55-45B9-AC7A-ADCAA1469EA1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {D980F95D-962E-46E4-9FB4-2E02C2B0241A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC4BCEBA-11EC-4679-AE90-304C98B021A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EEF56F44-7726-40E6-8383-E2C5151EEB5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-09] (Google LLC -> Google LLC)
Task: {F9546E58-67D7-41AB-92ED-48ABF91A7614} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0d693702-71d4-4e64-8029-1d19634f5829}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{0f816ee8-97d9-41b9-8ceb-3dd696d625f9}: [DhcpNameServer] 10.100.0.63 10.100.0.65
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-14]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2021-04-24]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://meet.google.com; hxxps://www.mall.tv; hxxps://www.steersearch.com; hxxps://www17.darenjarvis.pro; hxxps://www1a.delmarmora.pro; hxxps://www1a.moshemartin.pro; hxxps://www1a.rudyvalencia.pro; hxxps://www1a.samcunningham.pro; hxxps://www21.elbaestes.pro; hxxps://www2a.michellehardin.pro; hxxps://www2a.rudyvalencia.pro; hxxps://www35.darenjarvis.pro; hxxps://www3a.samcunningham.pro; hxxps://www44.todhamilton.pro; hxxps://www50.elbaestes.pro; hxxps://www9.darenjarvis.pro
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-09]
CHR Extension: (Dokumenty) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-09]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-09]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2021-03-04]
CHR Extension: (Tabulky) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Weather Underground) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2020-03-12]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-25]
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-28]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [177000 2020-11-20] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileSyncHelper.exe [2218872 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2457520 2020-10-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\OneDriveUpdaterService.exe [2603368 2021-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-09-23] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 UTSCSI; C:\Windows\SysWOW64\UTSCSI.EXE [45056 2020-10-23] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [100384 2016-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [93184 2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2020-10-29] (IVT CORPORATION -> IVT Corporation.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-22] (Malwarebytes Inc -> Malwarebytes)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [934896 2020-10-29] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-24 12:36 - 2021-04-24 12:38 - 000027097 _____ C:\Users\Karel\Downloads\FRST.txt
2021-04-24 12:35 - 2021-04-24 12:37 - 000000000 ____D C:\FRST
2021-04-24 12:33 - 2021-04-24 12:33 - 002298368 _____ (Farbar) C:\Users\Karel\Downloads\FRST64.exe
2021-04-23 19:19 - 2021-04-23 19:19 - 002772210 _____ C:\Users\Karel\Downloads\Photos (15).zip
2021-04-22 15:04 - 2021-04-22 15:04 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-22 15:04 - 2021-04-22 15:04 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 15:36 - 2021-04-19 15:36 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-18 13:04 - 2021-04-18 16:13 - 000000505 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-04-17 11:38 - 2021-04-17 11:38 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-17 11:38 - 2021-04-17 11:38 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-17 11:37 - 2021-04-19 15:36 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-17 11:37 - 2021-04-17 11:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-17 11:35 - 2021-04-17 11:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-17 11:34 - 2021-04-17 11:35 - 205090224 _____ (Malwarebytes) C:\Users\Karel\Downloads\mb4-setup-consumer-4.3.0.210-1.0.1173-1.0.37263.exe
2021-04-16 20:58 - 2021-04-16 20:58 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 20:57 - 2021-04-16 20:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 20:56 - 2021-04-16 20:56 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 11:13 - 2021-04-16 11:13 - 000510026 _____ C:\Users\Karel\Downloads\2203589099.pdf
2021-04-08 19:45 - 2021-04-22 15:02 - 088342528 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-04-02 20:15 - 2021-04-02 20:15 - 008489331 _____ C:\Users\Karel\Downloads\Photos (13).zip
2021-04-02 20:15 - 2021-04-02 20:15 - 004179157 _____ C:\Users\Karel\Downloads\Photos (14).zip
2021-03-30 20:28 - 2021-03-30 20:28 - 000030147 _____ C:\Users\Karel\Downloads\ceník-duben-2021-23.xlsx
2021-03-29 19:06 - 2021-03-29 19:06 - 001241215 _____ C:\Users\Karel\Downloads\prilohy_81872.zip
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Roaming\Zoner
2021-03-29 16:28 - 2021-03-29 16:28 - 000000000 ____D C:\Users\Karel\AppData\Local\Zoner
2021-03-29 16:27 - 2014-12-26 00:31 - 000000000 ____D C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri
2021-03-29 16:26 - 2021-03-29 16:26 - 000001991 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000001985 _____ C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2021-03-29 16:26 - 2021-03-29 16:26 - 000000000 ____D C:\ProgramData\Zoner
2021-03-29 16:25 - 2021-03-29 16:28 - 000000000 ____D C:\Program Files\Zoner
2021-03-29 16:24 - 2021-03-29 16:24 - 080570448 _____ (ZONER software ) C:\Users\Karel\Downloads\zps17_cz.exe
2021-03-29 16:23 - 2021-03-29 16:23 - 000195433 _____ C:\Users\Karel\Downloads\ZPS 17 - Proof license key By Bouberri (1).exe
2021-03-28 12:40 - 2021-03-28 12:42 - 028821233 _____ C:\Users\Karel\Downloads\Photos (12).zip
2021-03-28 11:50 - 2021-03-28 11:51 - 011728766 _____ C:\Users\Karel\Downloads\Photos (11).zip
2021-03-28 11:39 - 2021-03-28 11:42 - 117254506 _____ C:\Users\Karel\Downloads\Photos (10).zip
2021-03-27 20:45 - 2021-03-27 20:45 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar (1).webp
2021-03-27 20:43 - 2021-03-27 20:43 - 000113626 _____ C:\Users\Karel\Downloads\391535-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:42 - 2021-03-27 20:42 - 000098842 _____ C:\Users\Karel\Downloads\812835-jaz-solaya-ex-sol-y-mar.webp
2021-03-27 20:39 - 2021-03-27 20:39 - 000530423 _____ C:\Users\Karel\Downloads\jaza.html
2021-03-27 20:39 - 2021-03-27 20:39 - 000000000 ____D C:\Users\Karel\Downloads\jaza_files
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-24 12:39 - 2020-12-01 16:33 - 000000000 ____D C:\ProgramData\Adguard
2021-04-24 12:33 - 2020-06-03 23:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-24 12:33 - 2020-06-03 23:51 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-24 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-24 12:28 - 2020-03-09 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-24 12:27 - 2020-12-15 18:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-24 01:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-23 20:13 - 2020-12-15 19:12 - 000005264 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-4BNP6E3-Karel DESKTOP-4BNP6E3
2021-04-23 19:17 - 2020-03-09 20:02 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-23 19:17 - 2020-03-09 20:02 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-23 19:14 - 2020-12-15 18:53 - 000000000 ____D C:\Users\Karel
2021-04-23 19:11 - 2020-03-12 13:35 - 000000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2021-04-22 15:18 - 2020-05-01 12:56 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 15:09 - 2020-12-15 19:12 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-22 15:09 - 2020-12-15 19:12 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-22 15:07 - 2020-03-09 20:03 - 000000000 ___RD C:\Users\Karel\OneDrive
2021-04-22 15:06 - 2021-02-03 08:57 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-04-22 15:04 - 2020-03-09 19:56 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-04-22 15:04 - 2020-03-09 19:56 - 000000000 __SHD C:\Users\Karel\IntelGraphicsProfiles
2021-04-22 15:03 - 2020-12-15 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-22 15:03 - 2020-12-15 18:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-22 15:03 - 2020-03-09 20:12 - 000000000 ____D C:\ProgramData\Synaptics
2021-04-22 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-22 15:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-18 13:09 - 2020-12-15 19:03 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-18 13:09 - 2019-12-07 16:43 - 000683540 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-18 13:09 - 2019-12-07 16:43 - 000137320 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-18 13:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-17 11:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-17 04:18 - 2020-12-15 18:46 - 000442088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 04:14 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 21:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 20:55 - 2020-12-15 18:51 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 20:11 - 2020-03-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 20:08 - 2020-03-14 18:00 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 19:55 - 2020-03-13 21:14 - 000000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2021-04-13 07:22 - 2021-01-12 10:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d303b1e92f93
2021-04-13 07:22 - 2020-12-15 19:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-11 10:13 - 2020-03-09 19:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-08 19:45 - 2021-01-18 23:20 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-04-08 18:46 - 2020-03-12 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-04-08 17:35 - 2020-12-15 19:12 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-04-08 17:35 - 2020-03-12 15:54 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-31 22:23 - 2020-03-09 19:54 - 000000000 ____D C:\Users\Karel\AppData\Local\Packages
2021-03-28 21:43 - 2020-03-09 20:06 - 000000000 ____D C:\Users\Karel\AppData\Local\Comms
==================== Files in the root of some directories ========
2020-11-13 18:05 - 2020-11-13 18:05 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2020-03-12 13:42 - 2020-03-12 13:42 - 000000410 _____ () C:\Users\Karel\AppData\Local\oobelibMkey.log
2020-12-01 16:19 - 2020-12-01 16:19 - 000016438 _____ () C:\Users\Karel\AppData\Local\partner.bmp
2020-08-18 21:55 - 2020-08-18 21:55 - 000000017 _____ () C:\Users\Karel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
