Zdlouhavé načítání PC
Napsal: 15 črc 2021 12:10
Dobrý den,
rád bych vás požádal o radu. Vždy, když po delší době (např. po hodině) zapínám počítač, tak načítání win 10 trvá neúměrně dlouho (5 minut). Během načítání se PC několikrát restartuje. BIOS najede v klidu, ale pak je jen černá obrazovka, dioda zapínání monitoru slabě problikává a nic. Po samovolných restartech se WIN načte, ale, jak píši, trvá mu to. Poté vše jede bez problémů. Nemohu najít nikde radu co s tím.
Zde přikládám log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by tompson (administrator) on DESKTOP-B8557MG (15-07-2021 13:06:20)
Running from D:\nove
Loaded Profiles: tompson
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe <6>
(WellWeWeb) [File not signed] C:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1729368 2021-07-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Spotify] => C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe [24155776 2021-07-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\WINDOWS\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-06-10]
ShortcutTarget: CheVolume.lnk -> C:\Users\kubec\AppData\Roaming\Microsoft\Installer\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}\_CD23FCF4A62C8802B55F5B.exe () [File not signed]
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-22]
ShortcutTarget: Twitch.lnk -> C:\Users\kubec\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04759541-175F-4A37-95FE-D1F2687544D9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19EBAF6F-510C-4390-87F2-BAD1D47EE5D0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AED448E-8CC3-48B2-877A-A0BF097F989C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C09EB0A-F261-4A02-8C96-095112689E9F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2029640D-63C8-447A-B29F-3A31678E2709} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BB27E4B-8BF8-4923-BD93-C97C2E50C614} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {348F7E36-9EBF-4C6D-BCF7-8254D2D1D565} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3CD46FF8-6B0C-4897-B4FD-D0A4767B7839} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [267080 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {58576D20-A8DE-4720-AF1D-1FFD097A0196} - System32\Tasks\Opera scheduled Autoupdate 1556966806 => C:\Users\kubec\AppData\Local\Programs\Opera\launcher.exe
Task: {59EBD205-F38C-47E8-8C7F-A898D21A6932} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6529A986-386B-415D-B638-B3A976CB899C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73416CEA-BECD-4FAC-8790-DE18B6082B67} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7E079764-19A0-4D61-A492-6DAF676B0FBE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F8AE12E-3F19-4DB2-9F17-C9A3CEA09DCC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {85FEB762-254C-4B32-A6B1-23E66DFE3324} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {87B8EFCD-FDAB-48B5-8499-F1D0178ACECB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0C3BE7-6B0F-46F9-BA0D-B090D3D6533E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF3BBA7A-195B-4719-86AA-30D76D3C9FA6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {B5D8456F-8A17-488B-88E3-74C0D0058D6E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1628464 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BB4DE69A-2727-4FDE-B211-5581A6A07CF0} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BE0B6865-EE56-436B-8B48-BAC9B00AB97C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C022D8F9-9296-4172-B291-000481AAA4BA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {CD538556-4C30-4CD3-BE31-367FB6756AF7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03C3E84-9182-4AA2-ABA6-31A76C668C62} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {D71A7272-C8C7-45C6-B685-E3D2B6F19D24} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248552 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E73ADCA9-A28B-42D1-98F5-66075263E7E3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55d45ec7-bb4e-42fc-b0d9-76c0041f5fbf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a5f07f0a-77cf-41fd-81ce-d05bb85f37a7}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: F:\sber
Edge Notifications: HKU\S-1-5-21-2647824122-2969461199-3588900344-1001 -> hxxps://www.ufreegames.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kubec\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-14]
Edge DownloadDir: Default -> F:\sber
Edge Notifications: Default -> hxxps://www.ufreegames.com
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default [2019-05-03]
FF Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\abs@avira.com [2019-05-03]
FF Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\passwordmanager@avira.com [2019-05-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-24] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default [2021-07-15]
CHR DownloadDir: G:\sber
CHR Notifications: Default -> hxxps://aternos.org; hxxps://calendar.google.com; hxxps://cs.verdauung-info.com; hxxps://hoopgame.net; hxxps://kolagames.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gamesbs.com; hxxps://www.gamezhero.com; hxxps://www.gogy.com; hxxps://www.h5gamestreet.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz; hxxps://www.ufreegames.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/html/newtab.html"
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-03]
CHR Extension: (Titulky plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgigldmglfimgechooinbdblfmipabb [2019-05-03]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-03]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-03]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-09-22]
CHR Extension: (EPUBReader) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Google Meet Breakout Rooms by Robert Hudek) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\kogfdlbehkaeoafmgaecphlnhohpabig [2021-06-25]
CHR Extension: (Meet Plus for Google Meet) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfjgknkjfjmnjdgdhbbmmbkoddgpdoc [2021-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Flat for Education - Music notation editor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomkpimaohgaamiipecibpchogmfhgba [2021-01-18]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-30]
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-30]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-30]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-30]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-30]
CHR Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-30]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-29]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\kubec\AppData\Roaming\Opera Software\Opera Stable [2020-09-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264880 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-06-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209744 2021-03-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006e; C:\WINDOWS\System32\drivers\RzDev_006e.sys [56152 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-15 13:03 - 2021-07-15 13:06 - 000000000 ____D C:\FRST
2021-07-15 11:56 - 2021-07-15 11:56 - 000000000 ____D C:\WINDOWS\LastGood
2021-07-15 11:53 - 2021-07-15 11:53 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 14:20 - 2021-07-14 14:20 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 14:20 - 2021-07-14 14:20 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 08:22 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000748832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-07-14 08:21 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-14 08:20 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-07-14 08:20 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-07-14 08:20 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-07-14 08:18 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-12 19:06 - 2021-07-12 19:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-12 18:15 - 2021-07-12 18:15 - 000000000 ____D C:\WINDOWS\pss
2021-07-12 17:44 - 2021-07-12 17:44 - 000000112 ___SH C:\bootTel.dat
2021-07-08 18:46 - 2021-07-11 14:43 - 000002026 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-07-07 16:02 - 2021-07-07 16:02 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 16:02 - 2021-07-07 16:02 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 16:01 - 2021-07-07 16:01 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 16:01 - 2021-07-07 16:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-23 15:42 - 2021-07-11 14:43 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-15 08:17 - 2021-07-14 22:22 - 000000000 ____D C:\Users\kubec\AppData\Local\Spotify
2021-06-15 08:17 - 2021-06-15 08:17 - 000001836 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-15 13:06 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke
2021-07-15 13:03 - 2020-05-24 12:56 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Spotify
2021-07-15 12:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-15 12:25 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-15 12:06 - 2020-08-09 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-15 12:00 - 2020-08-09 14:50 - 001620048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-15 12:00 - 2019-12-07 16:41 - 000690262 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-15 12:00 - 2019-12-07 16:41 - 000134838 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-15 12:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-15 11:53 - 2020-08-09 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-15 11:53 - 2020-08-09 14:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-15 11:53 - 2019-05-03 18:44 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-07-14 23:17 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 17:21 - 2020-08-09 14:48 - 000367232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 14:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:16 - 2019-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:14 - 2019-05-03 17:41 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-14 08:24 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA
2021-07-14 08:18 - 2020-08-09 14:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-14 08:17 - 2020-12-13 22:23 - 000001476 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-07-14 08:17 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA Corporation
2021-07-13 22:51 - 2020-08-09 14:48 - 000000000 ____D C:\Users\kubec
2021-07-13 17:59 - 2020-07-01 06:36 - 000000000 ____D C:\Users\kubec\AppData\Roaming\.minecraft
2021-07-12 19:06 - 2020-08-10 19:18 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-12 18:41 - 2019-05-29 12:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-12 18:17 - 2020-03-05 22:18 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-12 18:17 - 2019-05-03 18:38 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Twitch
2021-07-12 17:52 - 2021-01-10 20:51 - 000000000 ____D C:\Users\kubec\AppData\Local\Overwolf
2021-07-11 14:43 - 2021-05-09 09:17 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-07-11 14:43 - 2021-01-10 20:52 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-07-11 14:43 - 2020-10-24 09:33 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1002
2021-07-11 14:43 - 2020-08-09 14:55 - 000003604 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556966806
2021-07-11 14:43 - 2020-08-09 14:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-07-11 14:43 - 2020-08-09 14:55 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1001
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-07-11 14:43 - 2020-08-09 14:55 - 000002790 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-07-11 14:43 - 2020-08-09 14:55 - 000002566 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-07-11 09:58 - 2019-10-12 11:42 - 000000000 ____D C:\Users\kubec\AppData\Local\CrashDumps
2021-07-11 09:58 - 2019-05-03 17:19 - 000000000 ___RD C:\Users\kubec\OneDrive
2021-07-11 09:57 - 2020-08-09 14:48 - 000002381 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-11 09:55 - 2020-06-10 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-10 11:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-10 11:06 - 2020-08-18 17:01 - 000000000 _____ C:\end
2021-07-08 18:46 - 2020-11-26 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\ProgramData\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\Program Files (x86)\Avira
2021-07-08 18:46 - 2019-05-03 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-07 20:33 - 2019-05-06 09:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-07 08:29 - 2021-01-10 20:52 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-07-02 07:27 - 2020-10-24 09:33 - 000000000 ___RD C:\Users\marke\OneDrive
2021-07-02 07:27 - 2020-10-24 09:32 - 000002365 _____ C:\Users\marke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-02 07:27 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke\AppData\Local\Packages
2021-07-02 07:06 - 2020-01-27 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 15:12 - 2019-11-28 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-06-27 10:36 - 2019-05-03 17:17 - 000000000 ____D C:\Users\kubec\AppData\Local\Packages
2021-06-25 18:22 - 2019-05-06 08:04 - 000000000 ____D C:\Users\kubec\AppData\Roaming\GHISLER
2021-06-25 14:36 - 2021-04-05 12:43 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-23 19:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-22 03:17 - 2020-07-17 14:51 - 007279232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-21 10:43 - 2020-07-17 14:51 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-20 10:51 - 2021-01-24 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-15 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2020-02-03 17:51 - 2020-03-29 18:38 - 000005120 _____ () C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-11 20:03 - 2019-11-11 20:03 - 000005539 _____ () C:\Users\kubec\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by tompson (15-07-2021 13:07:20)
Running from D:\nove
Windows 10 Home Version 2004 19041.1110 (X64) (2020-08-09 12:55:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2647824122-2969461199-3588900344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2647824122-2969461199-3588900344-503 - Limited - Disabled)
Guest (S-1-5-21-2647824122-2969461199-3588900344-501 - Limited - Disabled)
marke (S-1-5-21-2647824122-2969461199-3588900344-1002 - Limited - Enabled) => C:\Users\marke
tompson (S-1-5-21-2647824122-2969461199-3588900344-1001 - Administrator - Enabled) => C:\Users\kubec
WDAGUtilityAccount (S-1-5-21-2647824122-2969461199-3588900344-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.51.20724 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Battle Chasers Nightwar (HKLM-x32\...\1345854066_is1) (Version: v.22997 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.1.1002 - BlueStack Systems, Inc.)
Citra (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{18cc945c-4224-43c6-816f-bfa84edfa023}) (Version: 1.0.0 - Citra Team)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.177.1.5 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648(a) - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Epic Battle Fantasy 5 version 1.2 (HKLM-x32\...\{6C18D3AF-52C5-4530-A64E-5359153BA9AB}_is1) (Version: 1.2 - DELiGHT 2018)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.66.5330 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
CheVolume (HKLM-x32\...\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}) (Version: 1.6.05 - WellWeWeb)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{F4F771E2-6E23-4F27-93E1-27C22C71B7E2}) (Version: 17.2.0.1009 - Intel Corporation)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Neverwinter Nights: Enhanced Edition (HKLM-x32\...\1097893768_is1) (Version: 82.8193.20.1 - GOG.com)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.27.147 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.27.147 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.174.0.10 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Path of Building Community) (Version: 1.4.170.16 - Path of Building Community)
PDF Converter V2.2.2.2 (HKLM-x32\...\{70098260-60F4-468D-B598-C410B616B4DF}_is1) (Version: 2.2.2.2 - Apowersoft LIMITED)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0624.061513 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Roblox Player for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-studio) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Spotify) (Version: 1.1.63.568.gda8cb5ac - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
The Incredible Adventures of Van Helsing - Final Cut (HKLM-x32\...\1448013298_is1) (Version: 1.1.0b (B) - GOG.com)
The Incredible Adventures of Van Helsing Final Cut - Textures DLC (HKLM-x32\...\1378339771_is1) (Version: 1.1.0b (B) - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
Tukui Client (HKLM-x32\...\{6F0A95E2-F08C-4E11-9BA3-287B3609AFC1}) (Version: 3.1.8 - Tukui)
Twitch (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WanezGD_Tools 0.5.4 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\116f95da-adc1-5db0-b937-03c8e4a18506) (Version: 0.5.4 - WareBare)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\ZoomUMX) (Version: 5.4.1 (58698.1027) - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-14] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com
ShortcutWithArgument: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=nLM2WZ6xTCipawzZenMRKUoCzOAnOvmwJzuY2Ccipza0eftThbgLfipJgAAAKyHD2sie&click_id=3609fb26e7c0dd494b86064a330f10766549e7c9 --app-window-size=1920,1200
==================== Loaded Modules (Whitelisted) =============
2019-02-12 15:10 - 2019-02-12 15:10 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-07-13 19:15 - 2021-07-13 19:15 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\02be6f4737cf4f4fdbbac7847e7e1efc\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\kubec\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kubec\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\marke\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\B3-EU419_201908_GR_20190822110317.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5D08E3EE-5002-42A6-B474-5E940F9F5D4E}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EB5E2BBB-DB44-4F70-9BE5-DFD2F9DDC098}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AF1D8F9-D4E2-462D-B11F-BF5DC2EE39EF}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{3C350ADD-9121-49F3-8AF2-B07BA32BEA0B}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{C4A9F1B4-B365-42D3-ACA8-3EE6DF4FBD59}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{FADC3BC4-2E96-4F0C-8607-84BAB07AB636}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{0469797D-3E23-481C-AEBA-B41A9026E7CB}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E3713DF2-5110-4D53-B330-61FF77DAB2C2}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{58A60E48-27C8-4264-9F2A-EFAB0FEB7774}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{E250C465-2FA9-49F8-B596-4A8D6ADDAADF}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{C4922408-C790-438C-BE49-568662FB993D}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{1CFE089C-32BB-4FDE-B177-345D9354135F}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [UDP Query User{27F31026-C33B-41B7-BE23-048FA6DB8ACE}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{16EB6A13-5F92-40D6-A5AB-3F9FD6CF2920}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [{30324906-B306-4CD7-8D05-1D726043116B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6BAC5FF-B315-49F2-A88A-7BB77E47983A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3E538BBA-4787-49A0-8412-6059DEE3AEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EC8ACBE-B186-44FF-A5ED-FBE55FC7E3AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD47FD1F-F344-4078-B288-92BBC8C3751A}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{206E021E-CDDA-4FB6-950E-BCFF04365090}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C640C16F-E851-408D-8BBD-178F89B58748}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F7BF3426-BF31-4393-9D58-7617F9423DF3}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5DA3498-EF43-4A8E-AA26-3E59D01F3ED0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFAA7608-B2FD-4B27-A59D-B3210C38A17F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{12BC2AF7-73A3-4FC9-9C34-1B5303A3C679}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [UDP Query User{5B8B6133-BCDB-4134-9E39-72C1F78F9226}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [{CABE9F6F-7AAC-47E3-BF66-98A9DCA33593}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EBB3EB19-D96A-4D63-B6E2-46A5C269A766}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{125A0FE1-3028-47EE-BE41-B84938E5A93D}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [UDP Query User{63A58723-42D8-4013-85EF-55D72A6D9696}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [{A57DCFCB-FE0A-4F2E-81AC-7016B7D2B040}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8DE71E50-1000-4F00-B0C8-E638E61EA5C4}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{9E00C742-5011-42E0-B980-69EFFE0CF7FC}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [UDP Query User{8C625256-822C-48A9-BE28-1947711D84DF}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [{B690A6FD-C344-4A5C-AABA-7055CF633869}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{6FD3D4AC-3898-4C82-B764-6467EA906E14}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{D9201623-0BC1-4A39-9162-496D5F2BB8C9}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{121C246A-237A-4730-92E0-DD10308A2FD0}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{D2DA7910-F781-4171-BD11-3B94CC4C6DC9}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{AEEA6BDB-4C80-43F6-8AA0-99658F26E30F}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{148117B1-4655-46FA-9FAE-08C6C3E7C1B7}] => (Allow) C:\Users\kubec\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F52ED7F7-40BD-4B15-89EA-70D9F937A24B}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{3DCB1B60-E1C9-445A-94FE-92FC4868DCCB}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [{AD89F761-613B-4F22-8C1B-88D506C82884}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{9A9BA4AA-6FE3-46B0-97F4-070F86531F92}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{F6BD02E1-603B-4CBD-9A2F-668B49C1E7A5}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{8C26BC4A-69C5-48BE-8245-5B196B2A6C4D}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{86CC1389-E05A-4AAE-9317-B4E94682F27A}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{E8E4B291-3663-4A2C-AE31-D6F92889BD33}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{4115E062-B48E-485B-9DE4-7698B174B1C2}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{DCD440D9-4035-431F-85DD-E2541A4A4ADB}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{89D1FA3D-CF55-4431-A2DC-4EBF58FA954A}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{A327F79E-7858-4D1F-8F0E-5CAB19D04315}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{F27520A0-14E5-4CE0-A8E6-719DF9EAF730}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86334CC4-A902-4C27-B992-4E00C876E31B}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8D2109E4-472A-44AA-881B-9B80D562E403}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{21F09EFE-A5F3-456F-8451-59CA49C2FCB6}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{18836B7A-A00D-4BDF-80F7-7F59D237FEBA}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{33C8E280-D1FA-436D-BA75-B134B70C9FC2}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [TCP Query User{4B795619-294D-4DEF-8680-42B927BB18CA}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [UDP Query User{E5779B1D-6124-4222-82BD-276015C2F70F}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [{C7211A0A-8F5E-41D0-BA17-897115D46C2A}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{2BCEA1FC-2D44-4F5F-A7BF-05459555D43F}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48664137-17ED-4062-84CF-6DB9F382E9A2}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{DD00D445-F6F7-4751-90B3-9F03A2779C6C}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{B86EBDA8-1A42-427C-B2B4-1D9EBF7D610D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{539E967B-F31C-458F-9DAD-D621992CABF2}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{516B5FF2-27F5-4847-86FC-BBAF75C99B91}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{032DC7D4-0FE3-42AB-B99D-46DB74D702AB}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{166FE3F4-9C5B-4F87-ACA1-57D30B48785D}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{95F8CEBE-05C2-45BD-900B-15F530EEFB8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{436D4BF6-0EC1-4BE2-BE58-9B9CABF1DB77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCF6DDDF-785F-4EF5-9C92-014698E4C526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B71A4080-9EC4-4784-A151-784070174188}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{647518C2-56FF-4393-9942-67E2A0C2E994}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{603CB4FF-551B-48D1-AACA-83980243BF04}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C90F95C3-5FC2-4F6D-8A4E-D0CC4696DD07}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{377258F7-FB9C-4C72-9EEF-B74291D325BC}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FA5A998A-B2D9-46C4-9E72-3DA00C3D572C}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D9331DFD-EF19-4543-AE85-A4269FB333D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BED68357-DE7D-4CB5-BE45-CD90BE2A3D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5BBE44A5-93C7-431D-95F5-A3825DC1681C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF4165DE-8320-49C5-BFE9-C4AC139A34B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{643A1EC5-083D-4BAA-B2CD-00FC31588E6A}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CC06585A-90E7-4D36-BE5B-CC8D5D0FCF0C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{D5F37CC9-BB8C-4AB7-8162-4E0ADA64FDE9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{8FE7016B-3C5F-4634-87C3-AF3B0CAFA1BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D47E0CCD-2F19-4F05-8EA0-A57D9C8629F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{435BB392-1E41-4360-9090-A9F5F9F0F2C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD8CCB68-63DA-4E9B-A84E-2665F14B83E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
06-07-2021 21:16:23 Naplánovaný kontrolní bod
12-07-2021 21:38:17 Instalační služba modulů systému Windows
14-07-2021 14:16:18 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/15/2021 11:53:36 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/15/2021 11:53:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/15/2021 11:53:31 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci z důvodu následující chyby: Operace byla dokončena úspěšně. 0x0.
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Kontext: aplikace , katalog SystemIndex
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Error: (07/14/2021 10:22:07 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/14/2021 10:15:28 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
System errors:
=============
Error: (07/14/2021 05:21:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (07/13/2021 10:51:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-B8557MG)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_9a606 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BcastDVRUserService_9a606 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby BcastDVRUserService_9a606 bylo dosaženo časového limitu (30000 ms).
Error: (07/13/2021 03:29:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:25:48, 13.07.2021) bylo neočekávané.
Error: (07/13/2021 03:25:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:21:13, 13.07.2021) bylo neočekávané.
CodeIntegrity:
===============
Date: 2021-07-12 18:11:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-12 17:49:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1402 04/03/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B360-PLUS
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 50%
Total physical RAM: 16306.59 MB
Available physical RAM: 8086.68 MB
Total Virtual: 18738.59 MB
Available Virtual: 7909.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.21 GB) (Free:108 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:24.88 GB) NTFS
\\?\Volume{0a03630f-0343-4858-8334-9ca09d672284}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ec3e820e-d363-4565-9829-e5be1dad7923}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS
\\?\Volume{2f124f43-86f5-4a86-8ba5-36a7bb481e08}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1CF38A4F)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 65894539)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Předem děkuji za pomoc
rád bych vás požádal o radu. Vždy, když po delší době (např. po hodině) zapínám počítač, tak načítání win 10 trvá neúměrně dlouho (5 minut). Během načítání se PC několikrát restartuje. BIOS najede v klidu, ale pak je jen černá obrazovka, dioda zapínání monitoru slabě problikává a nic. Po samovolných restartech se WIN načte, ale, jak píši, trvá mu to. Poté vše jede bez problémů. Nemohu najít nikde radu co s tím.
Zde přikládám log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-07-2021
Ran by tompson (administrator) on DESKTOP-B8557MG (15-07-2021 13:06:20)
Running from D:\nove
Loaded Profiles: tompson
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe <6>
(WellWeWeb) [File not signed] C:\Program Files (x86)\WellWeWeb\CheVolume\CheVolume.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-02-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1729368 2021-07-04] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Run: [Spotify] => C:\Users\kubec\AppData\Roaming\Spotify\Spotify.exe [24155776 2021-07-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\amd64"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\RunOnce: [Uninstall 21.062.0328.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marke\AppData\Local\Microsoft\OneDrive\21.062.0328.0001"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\WINDOWS\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CheVolume.lnk [2020-06-10]
ShortcutTarget: CheVolume.lnk -> C:\Users\kubec\AppData\Roaming\Microsoft\Installer\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}\_CD23FCF4A62C8802B55F5B.exe () [File not signed]
Startup: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-22]
ShortcutTarget: Twitch.lnk -> C:\Users\kubec\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04759541-175F-4A37-95FE-D1F2687544D9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19EBAF6F-510C-4390-87F2-BAD1D47EE5D0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AED448E-8CC3-48B2-877A-A0BF097F989C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C09EB0A-F261-4A02-8C96-095112689E9F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2029640D-63C8-447A-B29F-3A31678E2709} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BB27E4B-8BF8-4923-BD93-C97C2E50C614} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {348F7E36-9EBF-4C6D-BCF7-8254D2D1D565} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2651216 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3CD46FF8-6B0C-4897-B4FD-D0A4767B7839} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [267080 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {58576D20-A8DE-4720-AF1D-1FFD097A0196} - System32\Tasks\Opera scheduled Autoupdate 1556966806 => C:\Users\kubec\AppData\Local\Programs\Opera\launcher.exe
Task: {59EBD205-F38C-47E8-8C7F-A898D21A6932} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6529A986-386B-415D-B638-B3A976CB899C} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {73416CEA-BECD-4FAC-8790-DE18B6082B67} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {7E079764-19A0-4D61-A492-6DAF676B0FBE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5311432 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F8AE12E-3F19-4DB2-9F17-C9A3CEA09DCC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {85FEB762-254C-4B32-A6B1-23E66DFE3324} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {87B8EFCD-FDAB-48B5-8499-F1D0178ACECB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0C3BE7-6B0F-46F9-BA0D-B090D3D6533E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF3BBA7A-195B-4719-86AA-30D76D3C9FA6} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
Task: {B4392E72-41B8-479A-99B0-00E3812F1DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {B5D8456F-8A17-488B-88E3-74C0D0058D6E} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1628464 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BB4DE69A-2727-4FDE-B211-5581A6A07CF0} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {BE0B6865-EE56-436B-8B48-BAC9B00AB97C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C022D8F9-9296-4172-B291-000481AAA4BA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45C110D-6004-4FB5-B817-AC8E6A5F3805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-27] (Google LLC -> Google LLC)
Task: {CD538556-4C30-4CD3-BE31-367FB6756AF7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03C3E84-9182-4AA2-ABA6-31A76C668C62} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {D71A7272-C8C7-45C6-B685-E3D2B6F19D24} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [248552 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E73ADCA9-A28B-42D1-98F5-66075263E7E3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55d45ec7-bb4e-42fc-b0d9-76c0041f5fbf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a5f07f0a-77cf-41fd-81ce-d05bb85f37a7}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: F:\sber
Edge Notifications: HKU\S-1-5-21-2647824122-2969461199-3588900344-1001 -> hxxps://www.ufreegames.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kubec\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-14]
Edge DownloadDir: Default -> F:\sber
Edge Notifications: Default -> hxxps://www.ufreegames.com
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default [2019-05-03]
FF Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\abs@avira.com [2019-05-03]
FF Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Roaming\Mozilla\Firefox\Profiles\bBIdqqE1.default\Extensions\passwordmanager@avira.com [2019-05-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-24] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default [2021-07-15]
CHR DownloadDir: G:\sber
CHR Notifications: Default -> hxxps://aternos.org; hxxps://calendar.google.com; hxxps://cs.verdauung-info.com; hxxps://hoopgame.net; hxxps://kolagames.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gamesbs.com; hxxps://www.gamezhero.com; hxxps://www.gogy.com; hxxps://www.h5gamestreet.com; hxxps://www.knihcentrum.cz; hxxps://www.megaknihy.cz; hxxps://www.ufreegames.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/html/newtab.html"
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-03]
CHR Extension: (Titulky plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\abgigldmglfimgechooinbdblfmipabb [2019-05-03]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-03]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-03]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2020-09-22]
CHR Extension: (EPUBReader) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Google Meet Breakout Rooms by Robert Hudek) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\kogfdlbehkaeoafmgaecphlnhohpabig [2021-06-25]
CHR Extension: (Meet Plus for Google Meet) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfjgknkjfjmnjdgdhbbmmbkoddgpdoc [2021-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Flat for Education - Music notation editor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nomkpimaohgaamiipecibpchogmfhgba [2021-01-18]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-26]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-30]
CHR Extension: (Prezentace) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-03-30]
CHR Extension: (Dokumenty) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-03-30]
CHR Extension: (Disk Google) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-30]
CHR Extension: (YouTube) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-30]
CHR Extension: (Avira Password Manager) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-30]
CHR Extension: (Tabulky) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-03-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2021-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]
CHR Extension: (Gmail) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\kubec\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]
CHR Profile: C:\Users\kubec\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-29]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\kubec\AppData\Roaming\Opera Software\Opera Stable [2020-09-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208432 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537472 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484904 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [575776 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264880 2021-07-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-18] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2519864 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3473216 2020-09-28] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2476376 2021-07-04] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294520 2021-06-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] (ASUSTeK Computer Inc. -> )
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [209744 2021-03-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199312 2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-05] (Bluestack Systems, Inc -> Bluestack System Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-07-15] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006e; C:\WINDOWS\System32\drivers\RzDev_006e.sys [56152 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-15 13:03 - 2021-07-15 13:06 - 000000000 ____D C:\FRST
2021-07-15 11:56 - 2021-07-15 11:56 - 000000000 ____D C:\WINDOWS\LastGood
2021-07-15 11:53 - 2021-07-15 11:53 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-07-15 11:53 - 2021-07-15 11:53 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 14:21 - 2021-07-14 14:21 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 14:20 - 2021-07-14 14:20 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 14:20 - 2021-07-14 14:20 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 08:22 - 2021-06-21 10:43 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001474336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-14 08:21 - 2021-06-22 03:25 - 001212192 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-14 08:21 - 2021-06-22 03:25 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001519384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 001170224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000715568 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000641328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000575792 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-07-14 08:21 - 2021-06-22 03:21 - 000563992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 002111264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 001594656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000917280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000748832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-14 08:21 - 2021-06-22 03:20 - 000704792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-07-14 08:21 - 2021-06-21 10:43 - 000082968 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-14 08:20 - 2021-06-22 03:19 - 008852760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 007918872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 004986648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 002924304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-07-14 08:20 - 2021-06-22 03:19 - 000446744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-07-14 08:20 - 2021-06-22 03:18 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-07-14 08:20 - 2021-06-22 03:17 - 006215312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-07-14 08:18 - 2021-05-04 09:49 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-07-12 19:06 - 2021-07-12 19:06 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-07-12 18:15 - 2021-07-12 18:15 - 000000000 ____D C:\WINDOWS\pss
2021-07-12 17:44 - 2021-07-12 17:44 - 000000112 ___SH C:\bootTel.dat
2021-07-08 18:46 - 2021-07-11 14:43 - 000002026 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2021-07-07 16:02 - 2021-07-07 16:02 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 16:02 - 2021-07-07 16:02 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 16:02 - 2021-07-07 16:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 16:01 - 2021-07-07 16:01 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 16:01 - 2021-07-07 16:01 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 16:01 - 2021-07-07 16:01 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 16:01 - 2021-07-07 16:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-23 15:42 - 2021-07-11 14:43 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2021-06-15 08:17 - 2021-07-14 22:22 - 000000000 ____D C:\Users\kubec\AppData\Local\Spotify
2021-06-15 08:17 - 2021-06-15 08:17 - 000001836 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-15 13:06 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke
2021-07-15 13:03 - 2020-05-24 12:56 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Spotify
2021-07-15 12:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-15 12:25 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-15 12:06 - 2020-08-09 14:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-15 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-15 12:00 - 2020-08-09 14:50 - 001620048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-15 12:00 - 2019-12-07 16:41 - 000690262 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-15 12:00 - 2019-12-07 16:41 - 000134838 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-15 12:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-15 11:53 - 2020-08-09 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-15 11:53 - 2020-08-09 14:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-15 11:53 - 2019-05-03 18:44 - 000000000 ____D C:\Users\Public\Speedup Sessions
2021-07-14 23:17 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 17:21 - 2020-08-09 14:48 - 000367232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 17:20 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 14:22 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:16 - 2019-05-03 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:14 - 2019-05-03 17:41 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-14 08:24 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA
2021-07-14 08:18 - 2020-08-09 14:55 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2020-08-09 14:55 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-14 08:18 - 2019-05-03 17:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-14 08:17 - 2020-12-13 22:23 - 000001476 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2021-07-14 08:17 - 2019-05-03 17:30 - 000000000 ____D C:\Users\kubec\AppData\Local\NVIDIA Corporation
2021-07-13 22:51 - 2020-08-09 14:48 - 000000000 ____D C:\Users\kubec
2021-07-13 17:59 - 2020-07-01 06:36 - 000000000 ____D C:\Users\kubec\AppData\Roaming\.minecraft
2021-07-12 19:06 - 2020-08-10 19:18 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-12 18:41 - 2019-05-29 12:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-07-12 18:17 - 2020-03-05 22:18 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-12 18:17 - 2019-05-03 18:38 - 000000000 ____D C:\Users\kubec\AppData\Roaming\Twitch
2021-07-12 17:52 - 2021-01-10 20:51 - 000000000 ____D C:\Users\kubec\AppData\Local\Overwolf
2021-07-11 14:43 - 2021-05-09 09:17 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2021-07-11 14:43 - 2021-01-10 20:52 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-07-11 14:43 - 2020-10-24 09:33 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1002
2021-07-11 14:43 - 2020-08-09 14:55 - 000003604 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556966806
2021-07-11 14:43 - 2020-08-09 14:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-11 14:43 - 2020-08-09 14:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-07-11 14:43 - 2020-08-09 14:55 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647824122-2969461199-3588900344-1001
2021-07-11 14:43 - 2020-08-09 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupUpdate
2021-07-11 14:43 - 2020-08-09 14:55 - 000002790 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2021-07-11 14:43 - 2020-08-09 14:55 - 000002566 _____ C:\WINDOWS\system32\Tasks\Avira_Antivirus_Systray
2021-07-11 09:58 - 2019-10-12 11:42 - 000000000 ____D C:\Users\kubec\AppData\Local\CrashDumps
2021-07-11 09:58 - 2019-05-03 17:19 - 000000000 ___RD C:\Users\kubec\OneDrive
2021-07-11 09:57 - 2020-08-09 14:48 - 000002381 _____ C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-11 09:55 - 2020-06-10 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-10 11:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-10 11:06 - 2020-08-18 17:01 - 000000000 _____ C:\end
2021-07-08 18:46 - 2020-11-26 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\ProgramData\Avira
2021-07-08 18:46 - 2019-05-03 18:08 - 000000000 ____D C:\Program Files (x86)\Avira
2021-07-08 18:46 - 2019-05-03 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-07 20:33 - 2019-05-06 09:53 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 19:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-07 08:29 - 2021-01-10 20:52 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-07-02 07:27 - 2020-10-24 09:33 - 000000000 ___RD C:\Users\marke\OneDrive
2021-07-02 07:27 - 2020-10-24 09:32 - 000002365 _____ C:\Users\marke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-02 07:27 - 2020-10-24 09:32 - 000000000 ____D C:\Users\marke\AppData\Local\Packages
2021-07-02 07:06 - 2020-01-27 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-28 15:12 - 2019-11-28 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2021-06-27 10:36 - 2019-05-03 17:17 - 000000000 ____D C:\Users\kubec\AppData\Local\Packages
2021-06-25 18:22 - 2019-05-06 08:04 - 000000000 ____D C:\Users\kubec\AppData\Roaming\GHISLER
2021-06-25 14:36 - 2021-04-05 12:43 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-23 19:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-22 03:17 - 2020-07-17 14:51 - 007279232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-21 10:43 - 2020-07-17 14:51 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-20 10:51 - 2021-01-24 08:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-15 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2020-02-03 17:51 - 2020-03-29 18:38 - 000005120 _____ () C:\Users\kubec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-11 20:03 - 2019-11-11 20:03 - 000005539 _____ () C:\Users\kubec\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2021
Ran by tompson (15-07-2021 13:07:20)
Running from D:\nove
Windows 10 Home Version 2004 19041.1110 (X64) (2020-08-09 12:55:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2647824122-2969461199-3588900344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2647824122-2969461199-3588900344-503 - Limited - Disabled)
Guest (S-1-5-21-2647824122-2969461199-3588900344-501 - Limited - Disabled)
marke (S-1-5-21-2647824122-2969461199-3588900344-1002 - Limited - Enabled) => C:\Users\marke
tompson (S-1-5-21-2647824122-2969461199-3588900344-1001 - Administrator - Enabled) => C:\Users\kubec
WDAGUtilityAccount (S-1-5-21-2647824122-2969461199-3588900344-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2104.2083 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.4.17510 - Avira Operations GmbH & Co. KG) Hidden
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.4.0.1962 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.51.20724 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Battle Chasers Nightwar (HKLM-x32\...\1345854066_is1) (Version: v.22997 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.280.1.1002 - BlueStack Systems, Inc.)
Citra (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{18cc945c-4224-43c6-816f-bfa84edfa023}) (Version: 1.0.0 - Citra Team)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.177.1.5 - Overwolf app)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.69.4648(a) - GOG.com)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Epic Battle Fantasy 5 version 1.2 (HKLM-x32\...\{6C18D3AF-52C5-4530-A64E-5359153BA9AB}_is1) (Version: 1.2 - DELiGHT 2018)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.66.5330 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version: - Cheat Engine)
CheVolume (HKLM-x32\...\{EF2B6047-07B9-4D62-BD1E-7A8698BDE01C}) (Version: 1.6.05 - WellWeWeb)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.0.1009 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{F4F771E2-6E23-4F27-93E1-27C22C71B7E2}) (Version: 17.2.0.1009 - Intel Corporation)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Neverwinter Nights: Enhanced Edition (HKLM-x32\...\1097893768_is1) (Version: 82.8193.20.1 - GOG.com)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.27.147 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.27.147 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.174.0.10 - Overwolf Ltd.)
Path of Building Community (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Path of Building Community) (Version: 1.4.170.16 - Path of Building Community)
PDF Converter V2.2.2.2 (HKLM-x32\...\{70098260-60F4-468D-B598-C410B616B4DF}_is1) (Version: 2.2.2.2 - Apowersoft LIMITED)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.6.0624.061513 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Roblox Player for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for tompson (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\roblox-studio) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\Spotify) (Version: 1.1.63.568.gda8cb5ac - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
The Incredible Adventures of Van Helsing - Final Cut (HKLM-x32\...\1448013298_is1) (Version: 1.1.0b (B) - GOG.com)
The Incredible Adventures of Van Helsing Final Cut - Textures DLC (HKLM-x32\...\1378339771_is1) (Version: 1.1.0b (B) - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
Tukui Client (HKLM-x32\...\{6F0A95E2-F08C-4E11-9BA3-287B3609AFC1}) (Version: 3.1.8 - Tukui)
Twitch (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WanezGD_Tools 0.5.4 (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\116f95da-adc1-5db0-b937-03c8e4a18506) (Version: 0.5.4 - WareBare)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\ZoomUMX) (Version: 5.4.1 (58698.1027) - Zoom Video Communications, Inc.)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-14] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-12] () [File not signed] [File is in use]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4a746d937e6a7240\nvshext.dll [2021-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-03-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => C:\Program Files (x86)\ABBYY PDF Transformer+\x64\TRIntegration.x64.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com
ShortcutWithArgument: C:\Users\kubec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=nLM2WZ6xTCipawzZenMRKUoCzOAnOvmwJzuY2Ccipza0eftThbgLfipJgAAAKyHD2sie&click_id=3609fb26e7c0dd494b86064a330f10766549e7c9 --app-window-size=1920,1200
==================== Loaded Modules (Whitelisted) =============
2019-02-12 15:10 - 2019-02-12 15:10 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-07-13 19:15 - 2021-07-13 19:15 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\02be6f4737cf4f4fdbbac7847e7e1efc\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-06-08] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\kubec\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kubec\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-2647824122-2969461199-3588900344-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\marke\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\B3-EU419_201908_GR_20190822110317.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: avast! Tools => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2647824122-2969461199-3588900344-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5D08E3EE-5002-42A6-B474-5E940F9F5D4E}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EB5E2BBB-DB44-4F70-9BE5-DFD2F9DDC098}C:\users\kubec\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kubec\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AF1D8F9-D4E2-462D-B11F-BF5DC2EE39EF}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{3C350ADD-9121-49F3-8AF2-B07BA32BEA0B}] => (Allow) D:\games\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe (BioWare -> BioWare)
FirewallRules: [{C4A9F1B4-B365-42D3-ACA8-3EE6DF4FBD59}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{FADC3BC4-2E96-4F0C-8607-84BAB07AB636}] => (Allow) D:\games\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe (BioWare -> BioWare)
FirewallRules: [{0469797D-3E23-481C-AEBA-B41A9026E7CB}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{E3713DF2-5110-4D53-B330-61FF77DAB2C2}] => (Allow) D:\games\pvz\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{58A60E48-27C8-4264-9F2A-EFAB0FEB7774}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{E250C465-2FA9-49F8-B596-4A8D6ADDAADF}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{C4922408-C790-438C-BE49-568662FB993D}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [{1CFE089C-32BB-4FDE-B177-345D9354135F}] => (Allow) C:\Program Files (x86)\Advanced Combat Tracker\Advanced Combat Tracker.exe (EQAditu) [File not signed]
FirewallRules: [UDP Query User{27F31026-C33B-41B7-BE23-048FA6DB8ACE}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{16EB6A13-5F92-40D6-A5AB-3F9FD6CF2920}D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\classic\eocapp.exe (Larian Studios -> )
FirewallRules: [{30324906-B306-4CD7-8D05-1D726043116B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6BAC5FF-B315-49F2-A88A-7BB77E47983A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft PDF Converter\Apowersoft PDF Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3E538BBA-4787-49A0-8412-6059DEE3AEA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EC8ACBE-B186-44FF-A5ED-FBE55FC7E3AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CD47FD1F-F344-4078-B288-92BBC8C3751A}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{206E021E-CDDA-4FB6-950E-BCFF04365090}D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\games\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C640C16F-E851-408D-8BBD-178F89B58748}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{F7BF3426-BF31-4393-9D58-7617F9423DF3}D:\games\diablo iii\x64\diablo iii64.exe] => (Allow) D:\games\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F5DA3498-EF43-4A8E-AA26-3E59D01F3ED0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFAA7608-B2FD-4B27-A59D-B3210C38A17F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{12BC2AF7-73A3-4FC9-9C34-1B5303A3C679}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [UDP Query User{5B8B6133-BCDB-4134-9E39-72C1F78F9226}D:\games\battle chasers nightwar\bc.exe] => (Block) D:\games\battle chasers nightwar\bc.exe () [File not signed]
FirewallRules: [{CABE9F6F-7AAC-47E3-BF66-98A9DCA33593}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EBB3EB19-D96A-4D63-B6E2-46A5C269A766}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{04EE950B-0531-489D-A804-31BE55CA0E18}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{B1A74471-4642-498B-915F-63E941FF286C}F:\sber\nove\programy\files\bin\kmss.exe] => (Allow) F:\sber\nove\programy\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{125A0FE1-3028-47EE-BE41-B84938E5A93D}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [UDP Query User{63A58723-42D8-4013-85EF-55D72A6D9696}C:\program files\citra emulator\nightly-mingw\citra-qt.exe] => (Allow) C:\program files\citra emulator\nightly-mingw\citra-qt.exe () [File not signed]
FirewallRules: [{A57DCFCB-FE0A-4F2E-81AC-7016B7D2B040}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8DE71E50-1000-4F00-B0C8-E638E61EA5C4}] => (Allow) D:\games\Dragon Age Inquisition\DragonAgeInquisition.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{9E00C742-5011-42E0-B980-69EFFE0CF7FC}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [UDP Query User{8C625256-822C-48A9-BE28-1947711D84DF}D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe] => (Block) D:\games\van helsing\the incredible adventures of van helsing - final cut\vanhelsing_x64_win10.exe (NeoCore Games) [File not signed]
FirewallRules: [{B690A6FD-C344-4A5C-AABA-7055CF633869}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{6FD3D4AC-3898-4C82-B764-6467EA906E14}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\TQ.exe () [File not signed]
FirewallRules: [{D9201623-0BC1-4A39-9162-496D5F2BB8C9}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{121C246A-237A-4730-92E0-DD10308A2FD0}] => (Allow) D:\games\steamapps\common\Titan Quest Anniversary Edition\WorkshopTool\TQWorkshopTool.exe (Nordic Games) [File not signed]
FirewallRules: [{D2DA7910-F781-4171-BD11-3B94CC4C6DC9}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{AEEA6BDB-4C80-43F6-8AA0-99658F26E30F}] => (Allow) D:\games\steamapps\common\Grim Dawn\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{148117B1-4655-46FA-9FAE-08C6C3E7C1B7}] => (Allow) C:\Users\kubec\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F52ED7F7-40BD-4B15-89EA-70D9F937A24B}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{3DCB1B60-E1C9-445A-94FE-92FC4868DCCB}D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe] => (Allow) D:\games\divinity - original sin 2\divinity - original sin 2\defed\bin\eocapp.exe () [File not signed]
FirewallRules: [{AD89F761-613B-4F22-8C1B-88D506C82884}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{9A9BA4AA-6FE3-46B0-97F4-070F86531F92}] => (Allow) D:\games\steamapps\common\Kingdoms of Amalur Re-Reckoning\koa.exe () [File not signed]
FirewallRules: [{F6BD02E1-603B-4CBD-9A2F-668B49C1E7A5}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{8C26BC4A-69C5-48BE-8245-5B196B2A6C4D}] => (Allow) D:\games\steamapps\common\Dishonored RHCP\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)
FirewallRules: [{86CC1389-E05A-4AAE-9317-B4E94682F27A}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{E8E4B291-3663-4A2C-AE31-D6F92889BD33}] => (Allow) D:\games\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{4115E062-B48E-485B-9DE4-7698B174B1C2}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{DCD440D9-4035-431F-85DD-E2541A4A4ADB}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [File not signed]
FirewallRules: [{89D1FA3D-CF55-4431-A2DC-4EBF58FA954A}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{A327F79E-7858-4D1F-8F0E-5CAB19D04315}] => (Allow) D:\games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [File not signed]
FirewallRules: [{F27520A0-14E5-4CE0-A8E6-719DF9EAF730}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{86334CC4-A902-4C27-B992-4E00C876E31B}] => (Allow) D:\games\steamapps\common\FINAL FANTASY XIV Online\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{8D2109E4-472A-44AA-881B-9B80D562E403}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{21F09EFE-A5F3-456F-8451-59CA49C2FCB6}] => (Allow) D:\games\steamapps\common\Monster Train\MonsterTrain.exe () [File not signed]
FirewallRules: [{18836B7A-A00D-4BDF-80F7-7F59D237FEBA}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{33C8E280-D1FA-436D-BA75-B134B70C9FC2}] => (Allow) D:\games\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [TCP Query User{4B795619-294D-4DEF-8680-42B927BB18CA}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [UDP Query User{E5779B1D-6124-4222-82BD-276015C2F70F}C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\kubec\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [{C7211A0A-8F5E-41D0-BA17-897115D46C2A}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{2BCEA1FC-2D44-4F5F-A7BF-05459555D43F}] => (Allow) D:\games\steamapps\common\Grim Dawn\x64\Grim Dawn.exe (Crate Entertainment, LLC) [File not signed]
FirewallRules: [{48664137-17ED-4062-84CF-6DB9F382E9A2}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{DD00D445-F6F7-4751-90B3-9F03A2779C6C}] => (Allow) D:\games\steamapps\common\Bit Heroes\Bit Heroes.exe () [File not signed]
FirewallRules: [{B86EBDA8-1A42-427C-B2B4-1D9EBF7D610D}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{539E967B-F31C-458F-9DAD-D621992CABF2}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{516B5FF2-27F5-4847-86FC-BBAF75C99B91}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{032DC7D4-0FE3-42AB-B99D-46DB74D702AB}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{166FE3F4-9C5B-4F87-ACA1-57D30B48785D}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{95F8CEBE-05C2-45BD-900B-15F530EEFB8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{436D4BF6-0EC1-4BE2-BE58-9B9CABF1DB77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCF6DDDF-785F-4EF5-9C92-014698E4C526}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B71A4080-9EC4-4784-A151-784070174188}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{647518C2-56FF-4393-9942-67E2A0C2E994}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{603CB4FF-551B-48D1-AACA-83980243BF04}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C90F95C3-5FC2-4F6D-8A4E-D0CC4696DD07}] => (Allow) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{377258F7-FB9C-4C72-9EEF-B74291D325BC}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FA5A998A-B2D9-46C4-9E72-3DA00C3D572C}] => (Block) C:\Program Files (x86)\Overwolf\0.174.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D9331DFD-EF19-4543-AE85-A4269FB333D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BED68357-DE7D-4CB5-BE45-CD90BE2A3D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5BBE44A5-93C7-431D-95F5-A3825DC1681C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF4165DE-8320-49C5-BFE9-C4AC139A34B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{643A1EC5-083D-4BAA-B2CD-00FC31588E6A}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CC06585A-90E7-4D36-BE5B-CC8D5D0FCF0C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{D5F37CC9-BB8C-4AB7-8162-4E0ADA64FDE9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{8FE7016B-3C5F-4634-87C3-AF3B0CAFA1BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D47E0CCD-2F19-4F05-8EA0-A57D9C8629F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{435BB392-1E41-4360-9090-A9F5F9F0F2C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD8CCB68-63DA-4E9B-A84E-2665F14B83E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
06-07-2021 21:16:23 Naplánovaný kontrolní bod
12-07-2021 21:38:17 Instalační služba modulů systému Windows
14-07-2021 14:16:18 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/15/2021 11:53:36 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/15/2021 11:53:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/15/2021 11:53:31 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci z důvodu následující chyby: Operace byla dokončena úspěšně. 0x0.
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Kontext: aplikace , katalog SystemIndex
Error: (07/15/2021 11:53:18 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Error: (07/14/2021 10:22:07 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
Error: (07/14/2021 10:15:28 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Nelze přečíst hodnotu First Counter v klíči usbperf\Performance. Kódy stavu byly vráceny v rámci dat.
System errors:
=============
Error: (07/14/2021 05:21:54 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (07/14/2021 08:24:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (07/13/2021 10:51:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-B8557MG)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_9a606 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba BcastDVRUserService_9a606 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/13/2021 10:51:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby BcastDVRUserService_9a606 bylo dosaženo časového limitu (30000 ms).
Error: (07/13/2021 03:29:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:25:48, 13.07.2021) bylo neočekávané.
Error: (07/13/2021 03:25:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:21:13, 13.07.2021) bylo neočekávané.
CodeIntegrity:
===============
Date: 2021-07-12 18:11:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-07-12 17:49:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1402 04/03/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME B360-PLUS
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 50%
Total physical RAM: 16306.59 MB
Available physical RAM: 8086.68 MB
Total Virtual: 18738.59 MB
Available Virtual: 7909.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.21 GB) (Free:108 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:24.88 GB) NTFS
\\?\Volume{0a03630f-0343-4858-8334-9ca09d672284}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ec3e820e-d363-4565-9829-e5be1dad7923}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS
\\?\Volume{2f124f43-86f5-4a86-8ba5-36a7bb481e08}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1CF38A4F)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 65894539)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Předem děkuji za pomoc