VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomalený PC

https://forum.viry.cz:443/viewtopic.php?t=158277

Stránka 1 z 6

Zpomalený PC

Napsal: 26 zář 2021 12:52
od pitrisin
Dobrý den, potřebuji poradit. Mám velice zpomalený pc, vůbec nevím čím by to mohlo být. Divám se do správce úloh a mívám vytížený procesor, disk a paměť, mezitím se to střídá. Třeba mi tam skočí plně zatížený system proces na 100% a tak.
Zasílám logy. Mockrát děkuji za pomoc.

Re: Zpomalený PC

Napsal: 26 zář 2021 12:53
od pitrisin
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by Petrk (administrator) on DESKTOP-L4K2NGD (Gigabyte Technology Co., Ltd. H110M-S2HP) (26-09-2021 13:18:30)
Running from C:\Users\Petrk\Desktop
Loaded Profiles: Petrk
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\AVAST Software\Icarus\avast-tu\icarus.exe
(Avira GmbH) [File not signed] C:\Program Files (x86)\Avira\Unerase\unerase.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48EF0EB8-09AD-4FD1-AD22-64C577B92BD9}\EDGEMITMP_FDDC4.tmp\setup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{48EF0EB8-09AD-4FD1-AD22-64C577B92BD9}\MicrosoftEdge_X64_94.0.992.31_93.0.961.52.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petrk\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe
(Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\wenativehost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2748696 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-05-13] (Adobe Inc. -> )
HKLM-x32\...\Run: [zenvpn] => C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe [9643265 2021-07-05] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Discord] => C:\Users\Petrk\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [com.blitz.app] => C:\Users\Petrk\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-09-24] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33251808 2021-08-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Free Download Manager] => C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe [4938752 2021-05-21] (Softdeluxe) [File not signed]
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-09-09] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [DiscordPTB] => C:\Users\Petrk\AppData\Local\DiscordPTB\Update.exe [1512096 2021-05-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [bt] => C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-23] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {0fb1a98e-aa18-11ea-92c6-1c1b0d6559d7} - "D:\Autorun.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269ad-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269cb-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\xrhk1apps: C:\Windows\System32\spool\prtprocs\x64\xrhk1apps.dll [32768 2011-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 6015B Language Monitor: C:\WINDOWS\system32\xrhk1alm.dll [23040 2011-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-09-12]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {099FE9D5-AA48-460D-B938-38E5D539AD4E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {111CFCB1-9D9E-4CF6-85B4-12AF9206F1C3} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6098200 2021-07-30] (Avast Software s.r.o. -> Avast Software)
Task: {13138879-A237-4824-B2A2-8EF422B901F9} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6386968 2021-09-16] (Avast Software s.r.o. -> Avast Software)
Task: {1CFD1876-3CA0-4649-99C9-432C6FC45382} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A4A5E-8C0F-4073-8E66-DC252D6E5085} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {27E08082-B518-49CC-A938-04065D06BEEC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2B867CD6-8116-4F23-B03B-06DCCAAEFB8F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-09-13] (Adobe Inc. -> Adobe)
Task: {311E82C5-E1AF-4D2A-A037-FBF3DF7AA562} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39E75219-DD57-4AC8-BFDF-FCD212B7F62F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50AB32BC-E1FE-4460-BC88-0F61986923C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {55C0234E-7DB1-4556-85DC-CD3B2EF6C8AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {60C174D7-9E39-4C2B-8567-03DE0FB4292F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {610D731F-11AE-43DF-B89F-66374B12E20B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66BD5410-53B2-47B2-8B5C-D2EAFCAA3007} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B3FC76C-3892-4FDE-BDC5-7DDBEA8B7E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {839C6E0F-BABE-4E9E-9923-EA442965A4AC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {8D662F95-2D6B-4579-91B1-4B90D27E8A4D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {90067285-830F-4B42-B726-8F05F88D5FC2} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1192216 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
Task: {9D2643F1-7861-4BEA-93DD-DBBFB62F7B59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A134A5CD-8C88-48CD-88DD-B9D59DD87D75} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4755224 2021-09-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid e1a85234-9cc0-4eba-9522-3fc33422dd4c
Task: {A2779BEF-A7CA-4079-A459-DBE053B5A7E5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Petrk" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-438706691-1456983326-2169936386-1001" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Overwolf Updater Task" /ENABLE
Task: {A706E2CC-9E22-4584-BC5F-89362B85E9A2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {AB5DAAB9-5783-40F7-B533-7A328499A942} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE74F09B-2930-44F1-9F4B-E0C45723A689} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {AEE8D209-AFB0-4109-BAAD-88592F4287C5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B52F21C7-7C64-46D5-9EE9-09503C7B9FD7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6EACE23-2DE4-40DA-B47A-36EDFAD8E41C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-13] (Adobe Inc. -> Adobe)
Task: {BB8EA675-CD49-4378-824D-341B14A9DC37} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C288A388-238C-4654-B5AE-4ED149079CE6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D646E343-7EA8-4A56-89D7-15A2EBDDC6D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {DD1C29FB-EC12-48DF-B7CF-248861ADCEF3} - System32\Tasks\CCleanerSkipUAC - Petrk => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF214B9C-AADA-4932-9DCE-00E8F12D52F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1F66D5C-C545-4127-938D-EFB7F08ECBF1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)
Task: {E231EF3E-520A-4ABB-8900-2BDE752C4C4C} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4760344 2021-09-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid e43a3ecd-1cc8-448e-9e61-c30cd7c04183
Task: {E3CE8369-8381-4F2C-B2A0-3666D35CEB0C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBF3A2C0-3932-4BB1-86ED-774BEDFA0E61} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F46A6BDC-0008-43C8-8660-74A30080E145} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDBC6147-79B9-4BFC-B4F5-A2FD118E26E0} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {FE53D70D-1893-4D83-BFD7-63F0E71E49AA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00ab76ad-373b-496c-9cf0-4588e453c289}: [DhcpNameServer] 10.8.0.1
Tcpip\..\Interfaces\{30135f4c-b012-40a3-8782-afaf0ab8d8cf}: [NameServer] 100.122.0.0
Tcpip\..\Interfaces\{34f189e7-70f0-4e10-ab08-7451bde8fc04}: [NameServer] 100.120.41.1
Tcpip\..\Interfaces\{bdfa07f8-f4f9-4a26-a3ed-28bb44b9ca41}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{bdfa07f8-f4f9-4a26-a3ed-28bb44b9ca41}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{caf344f0-9ad7-4230-b0ab-cf7003985567}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petrk\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-26]
Edge Extension: (IDM Integration Module) - C:\Users\Petrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-11]
Edge HKU\S-1-5-21-438706691-1456983326-2169936386-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-10-30]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-09-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-09-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default [2021-09-26]
CHR Notifications: Default -> hxxps://bets.net; hxxps://csgo.fastcup.net; hxxps://csgo500.com; hxxps://csgoatse.com; hxxps://esportal.com; hxxps://kfc.cz; hxxps://www.tradingview.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.ramirocampos.pro; hxxps://www2a.delmarmora.pro
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... oogle.com/"
CHR DefaultSearchURL: Default -> hxxps://app.gala.games/favicon.ico
CHR Extension: (Prezentace) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-30]
CHR Extension: (Free Download Manager) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-08-08]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2021-05-26]
CHR Extension: (BetterTTV) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-09-23]
CHR Extension: (7TV) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2021-09-22]
CHR Extension: (Dokumenty) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-30]
CHR Extension: (Disk Google) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-30]
CHR Extension: (Steam Inventory Helper) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-06-11]
CHR Extension: (Black green shards) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojkleigdijnbfecdhjigpgalhfhkdee [2019-09-30]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-09-17]
CHR Extension: (FrankerFaceZ) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-09-30]
CHR Extension: (Tabulky) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-18]
CHR Extension: (Gala Games Web Application) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapmolmdehlbdldnpoaadfmhnmaidfld [2021-03-29]
CHR Extension: (FACEIT Enhancer) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2021-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Esportal Enhancer) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmfkdaefegfpkolccopfmohncemakcj [2020-10-10]
CHR Extension: (Gmail) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-20]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-13] (Adobe Inc. -> Adobe)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-12] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1633048 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-05-06] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15049496 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595888 2021-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)
S4 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1848624 2021-07-29] (Rockstar Games, Inc. -> Rockstar Games)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8807704 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acdrv; C:\WINDOWS\system32\drivers\acdrv.sys [4670856 2020-04-25] (OnMoon Company LLC -> )
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1732736 2021-09-12] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [752768 2021-09-12] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-09-12] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [56960 2021-09-12] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-09-12] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EspoDriver; C:\WINDOWS\system32\drivers\EspoDriver.sys [6146048 2021-09-15] (Esportal AB -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-09-30] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S3 MpKslc794175d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5B7C841C-3E56-4E4D-9541-5BC198A31780}\MpKslDrv.sys [107752 2021-07-31] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-07] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-14] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-26 13:07 - 2021-09-22 22:33 - 002304512 _____ (Farbar) C:\Users\Petrk\Desktop\FRST64.exe
2021-09-26 12:59 - 2021-09-26 12:59 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Unerase Personal
2021-09-26 12:53 - 2021-09-26 12:53 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2021-09-26 12:46 - 2021-09-07 12:35 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-26 12:30 - 2021-09-26 12:31 - 000303960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-26 12:27 - 2021-09-26 12:27 - 000000000 _____ C:\WINDOWS\WMSysPp1020
2021-09-26 11:25 - 2021-09-26 11:25 - 000000000 ____D C:\Program Files (x86)\Avira
2021-09-24 13:18 - 2021-09-24 13:18 - 000000000 ____D C:\Users\Petrk\Downloads\AGFY-GAS STATION SIM
2021-09-23 21:39 - 2021-09-24 00:16 - 000000000 ____D C:\Users\Petrk\Downloads\Gas Station Simulator
2021-09-23 21:35 - 2021-09-23 21:35 - 003567649 _____ C:\Users\Petrk\Downloads\Gas.Station.Simulator.v1.0.1.37785.torrent
2021-09-23 20:37 - 2021-09-23 20:37 - 000000000 ____D C:\Users\Public\Documents\Steam
2021-09-23 20:37 - 2021-09-23 20:37 - 000000000 ____D C:\Users\Petrk\AppData\Local\GSS2
2021-09-23 19:18 - 2021-09-23 20:17 - 000000000 ____D C:\Users\Petrk\Downloads\Gas Station Simulator 1
2021-09-23 19:15 - 2021-09-23 19:15 - 003568389 _____ C:\Users\Petrk\Downloads\Gas.Station.Simulator.v1.0.1.37829.torrent
2021-09-23 19:13 - 2021-09-24 00:18 - 000000000 ____D C:\Users\Petrk\AppData\Local\BitTorrentHelper
2021-09-23 19:12 - 2021-09-24 09:38 - 000001103 _____ C:\Users\Petrk\Desktop\BitTorrent.lnk
2021-09-23 19:12 - 2021-09-24 00:19 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\BitTorrent
2021-09-23 19:11 - 2021-09-23 19:11 - 000000000 ____D C:\Users\Petrk\AppData\Local\Adaware
2021-09-23 19:10 - 2021-09-23 19:11 - 004932568 _____ (BitTorrent Inc.) C:\Users\Petrk\Downloads\BitTorrent.exe
2021-09-22 22:33 - 2021-09-22 22:33 - 002304512 _____ (Farbar) C:\Users\Petrk\Downloads\FRST64.exe
2021-09-19 11:58 - 2021-09-20 09:49 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\EasyAntiCheat
2021-09-17 00:47 - 2021-09-17 00:47 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 00:47 - 2021-09-17 00:47 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 00:47 - 2021-09-17 00:47 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 00:47 - 2021-09-17 00:47 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 00:46 - 2021-09-17 00:46 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 00:46 - 2021-09-17 00:46 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 00:46 - 2021-09-17 00:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 00:46 - 2021-09-17 00:46 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 00:45 - 2021-09-17 00:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 00:45 - 2021-09-17 00:45 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 00:45 - 2021-09-17 00:45 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 00:45 - 2021-09-17 00:45 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 00:45 - 2021-09-17 00:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 00:44 - 2021-09-17 00:44 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 00:44 - 2021-09-17 00:44 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 00:44 - 2021-09-17 00:44 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 00:44 - 2021-09-17 00:44 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 00:44 - 2021-09-17 00:44 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 00:43 - 2021-09-17 00:43 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 00:43 - 2021-09-17 00:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 00:43 - 2021-09-17 00:43 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 23:52 - 2021-09-16 23:52 - 000000000 ___HD C:\$WinREAgent
2021-09-16 19:10 - 2021-09-16 19:10 - 1860610614 _____ C:\Users\Petrk\Downloads\AGFY-GAS STATION SIM.rar
2021-09-15 22:45 - 2021-09-26 12:23 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\discordptb
2021-09-15 22:44 - 2021-09-26 11:39 - 000000000 ____D C:\Users\Petrk\AppData\Local\DiscordPTB
2021-09-15 22:34 - 2021-09-15 22:36 - 000000000 ____D C:\Users\Petrk\AppData\Local\Discord
2021-09-15 01:50 - 2021-09-15 01:50 - 000000000 ____D C:\Users\Petrk\Downloads\ACLib
2021-09-14 21:12 - 2021-09-14 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2021-09-14 21:10 - 2021-09-14 21:12 - 000000000 ____D C:\Program Files\Kobra 11 Nitro
2021-09-14 01:59 - 2021-09-20 09:49 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\dvdcss
2021-09-13 08:45 - 2021-09-16 17:05 - 000000000 ____D C:\Users\Petrk\Desktop\GAMES
2021-09-13 08:39 - 2021-09-26 13:34 - 000003774 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-13 08:39 - 2021-09-26 13:34 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-09-13 08:39 - 2021-09-13 08:39 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-09-13 08:39 - 2021-09-13 08:39 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-09-13 08:39 - 2021-09-13 08:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-09-12 16:28 - 2021-09-12 16:28 - 000000000 ____D C:\WINDOWS\Panther
2021-09-12 15:07 - 2021-09-26 12:23 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-09-12 15:07 - 2021-09-12 15:07 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-09-12 14:34 - 2021-09-26 12:53 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-09-12 14:29 - 2021-09-12 14:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-09-12 14:29 - 2021-09-12 14:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-09-12 14:29 - 2021-09-12 14:28 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-12 14:28 - 2021-09-16 16:40 - 000000000 ____D C:\Program Files (x86)\Avast Software
2021-09-12 14:27 - 2021-09-26 12:32 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-09-12 14:27 - 2021-09-16 18:52 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-09-12 14:27 - 2021-09-12 14:27 - 000056960 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000037104 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\aswWintun.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2021-09-10 22:22 - 2021-09-10 22:22 - 000000013 _____ C:\Users\Petrk\Desktop\valorant SENSI..txt
2021-09-08 22:20 - 2021-09-08 22:20 - 000000072 _____ C:\WINDOWS\system32\AdsInfoCls
2021-09-08 19:01 - 2021-09-08 19:01 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\GMEGLOBAL
2021-09-08 16:33 - 2021-09-16 16:38 - 000000000 ____D C:\Program Files\AntiCheatExpert
2021-09-08 16:33 - 2021-09-12 17:33 - 001732736 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys
2021-09-08 16:33 - 2021-09-12 17:33 - 000752768 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-GAME.sys
2021-09-08 16:32 - 2021-09-12 17:54 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2021-09-08 16:18 - 2021-09-08 16:42 - 000000000 ____D C:\Users\Petrk\AppData\Local\Tiger
2021-09-07 12:36 - 2021-09-07 12:35 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-05 09:01 - 2021-09-10 17:50 - 000000000 ____D C:\Users\Petrk\AppData\LocalLow\IGDump
2021-09-02 18:27 - 2021-09-15 21:39 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\cookie-electron
2021-09-02 17:50 - 2021-09-02 17:50 - 000000223 _____ C:\Users\Petrk\Desktop\Cookie Clicker.url
2021-08-27 19:50 - 2021-08-27 19:54 - 000000000 ____D C:\Users\Petrk\Documents\My Spore Creations
2021-08-27 19:50 - 2021-08-27 19:53 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Spore
2021-08-27 19:50 - 2021-08-27 19:50 - 000001244 _____ C:\AiOLog.txt
2021-08-27 19:48 - 2021-08-27 19:48 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\SPORE Collection_Uninstall
2021-08-27 19:48 - 2021-08-27 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2021-08-27 19:29 - 2021-08-27 19:51 - 000000000 ____D C:\AiO-Files
2021-08-27 16:28 - 2021-08-27 16:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-27 16:28 - 2021-08-27 16:28 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-27 16:27 - 2021-08-27 16:27 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-27 16:27 - 2021-08-27 16:27 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-27 16:27 - 2021-08-27 16:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-27 16:25 - 2021-08-27 16:25 - 000000000 ____D C:\Program Files\Malwarebytes

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-26 13:34 - 2021-08-19 09:55 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Petrk
2021-09-26 13:34 - 2021-07-16 01:04 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-26 13:34 - 2021-07-16 01:04 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-26 13:34 - 2021-07-13 22:38 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-09-26 13:34 - 2020-11-06 08:41 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-09-26 13:34 - 2020-11-05 21:16 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-26 13:34 - 2020-11-05 21:16 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-26 13:34 - 2020-11-05 21:16 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-438706691-1456983326-2169936386-1001
2021-09-26 13:34 - 2020-11-05 21:16 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-26 13:34 - 2020-11-05 21:16 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-26 13:34 - 2020-11-05 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-26 13:28 - 2021-05-20 14:23 - 000042669 _____ C:\Users\Petrk\Desktop\FRST.txt
2021-09-26 13:24 - 2021-05-20 14:11 - 000000000 ____D C:\FRST
2021-09-26 13:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-26 13:19 - 2020-04-06 02:04 - 000000000 ____D C:\Program Files\CCleaner
2021-09-26 13:18 - 2020-12-24 00:33 - 000000000 ____D C:\Users\postgres
2021-09-26 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-26 13:17 - 2020-06-06 13:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-26 13:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-26 12:52 - 2020-11-05 21:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-26 12:46 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-26 12:46 - 2019-09-30 19:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-26 12:39 - 2019-10-04 23:05 - 000000000 ____D C:\Users\Petrk\AppData\Local\CrashDumps
2021-09-26 12:39 - 2019-09-30 17:57 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-26 12:38 - 2020-04-10 21:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-09-26 12:37 - 2019-09-30 16:21 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-26 12:33 - 2020-11-05 20:47 - 000000000 ____D C:\Users\Petrk
2021-09-26 12:32 - 2019-10-01 17:02 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-26 12:30 - 2020-11-05 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-26 12:30 - 2020-11-05 20:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-26 12:23 - 2021-08-17 21:10 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-09-26 12:23 - 2021-07-05 21:53 - 000000000 ____D C:\Program Files\TAP-Windows
2021-09-26 12:23 - 2021-04-01 17:32 - 000000000 ____D C:\Users\Petrk\AppData\Local\LostRelics
2021-09-26 12:23 - 2021-01-19 22:00 - 000000000 ____D C:\Users\Petrk\Desktop\zbytek
2021-09-26 12:23 - 2020-11-07 15:45 - 000000000 ___HD C:\GrandeDevice
2021-09-26 12:23 - 2020-06-17 12:55 - 000000000 ____D C:\Program Files (x86)\LEGO MARVEL Super Heroes
2021-09-26 12:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-26 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-09-26 11:40 - 2019-10-02 19:44 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Blitz
2021-09-26 11:39 - 2019-09-30 18:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-26 09:34 - 2020-11-05 20:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-25 17:54 - 2019-09-30 20:09 - 000000000 ____D C:\Users\Petrk\AppData\Local\D3DSCache
2021-09-25 16:42 - 2021-05-18 13:32 - 000000032 _____ C:\Users\Petrk\AppData\Roaming\.machineId
2021-09-24 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-24 10:08 - 2019-09-30 16:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 10:08 - 2019-09-30 16:26 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-24 09:38 - 2021-03-10 21:34 - 000002460 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mavis Hub.lnk
2021-09-24 09:38 - 2020-11-05 20:47 - 000002520 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-24 09:38 - 2020-04-08 02:49 - 000002404 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-09-23 21:54 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-22 18:46 - 2021-07-13 22:37 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-09-20 09:49 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Local\SquirrelTemp
2021-09-17 22:18 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Discord
2021-09-17 15:27 - 2020-10-06 18:48 - 000000000 ____D C:\Program Files\esportal-client
2021-09-17 09:07 - 2020-11-05 21:00 - 002635886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-17 09:07 - 2020-10-29 09:37 - 000783992 _____ C:\WINDOWS\system32\perfh019.dat
2021-09-17 09:07 - 2020-10-29 09:37 - 000158144 _____ C:\WINDOWS\system32\perfc019.dat
2021-09-17 09:07 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-09-17 09:07 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 08:55 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 08:42 - 2019-12-07 16:35 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\TS3Client
2021-09-17 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-17 00:58 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-16 16:43 - 2021-07-13 22:34 - 000000000 ____D C:\Users\Petrk\AppData\Local\Overwolf
2021-09-16 16:41 - 2019-12-26 15:54 - 000000000 ____D C:\Program Files (x86)\GameforgeClient
2021-09-16 16:38 - 2019-10-17 16:12 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-16 16:22 - 2021-07-05 21:22 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2021-09-16 16:08 - 2021-04-11 17:38 - 000000000 ____D C:\Users\Petrk\Desktop\textove soubory
2021-09-16 03:02 - 2019-09-30 22:17 - 000000000 ____D C:\Users\Petrk\AppData\Local\ElevatedDiagnostics
2021-09-15 22:45 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-09-15 15:59 - 2021-05-16 08:54 - 006146048 ____S C:\WINDOWS\system32\Drivers\EspoDriver.sys
2021-09-15 09:10 - 2019-09-30 16:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 08:46 - 2019-09-30 16:14 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-14 17:08 - 2020-05-16 14:32 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 02:29 - 2019-12-23 18:37 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\vlc
2021-09-14 01:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-13 08:47 - 2021-01-28 17:54 - 000000000 ____D C:\Users\Petrk\Desktop\obrazky
2021-09-13 08:42 - 2019-12-07 16:35 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\Program Files\WinRAR
2021-09-13 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-09-12 21:56 - 2020-10-12 20:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 17:57 - 2020-11-30 09:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b3a5a8889aed
2021-09-12 17:57 - 2020-11-05 21:16 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-12 17:57 - 2020-11-05 21:16 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-12 16:15 - 2021-05-12 19:38 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-09-12 16:12 - 2020-01-23 23:47 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\TeamViewer
2021-09-12 16:12 - 2019-12-23 22:35 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Sony
2021-09-12 16:12 - 2019-10-04 19:06 - 000000000 ____D C:\Users\Petrk\Documents\Euro Truck Simulator 2
2021-09-12 16:11 - 2021-07-24 23:29 - 000000000 ____D C:\Users\Petrk\Desktop\FiveM
2021-09-12 16:11 - 2020-02-29 17:03 - 000000000 ____D C:\Users\Petrk\Desktop\Adobe Illustrator CC 2019
2021-09-12 16:11 - 2019-10-20 09:31 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2021-09-12 15:52 - 2021-05-12 19:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-09-12 15:27 - 2019-10-01 21:11 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\AVAST Software
2021-09-12 15:27 - 2019-10-01 17:04 - 000000000 ____D C:\Program Files\AVAST Software
2021-09-12 14:42 - 2021-07-05 21:53 - 000000000 ____D C:\ProgramData\ZenVPN
2021-09-12 14:42 - 2021-07-05 21:53 - 000000000 ____D C:\Program Files (x86)\ZenVPN OpenVPN bundle
2021-09-12 14:27 - 2019-10-01 17:29 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-09-12 08:57 - 2021-05-03 15:46 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-09 17:05 - 2021-04-11 17:37 - 000000000 ____D C:\Users\Petrk\Desktop\Filmy
2021-09-08 16:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\tracing
2021-09-08 16:36 - 2019-09-30 20:09 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-07 12:36 - 2019-10-01 17:29 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-07 12:35 - 2020-10-22 18:47 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-04 19:05 - 2019-12-28 19:29 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\obs-studio
2021-09-04 12:18 - 2020-09-21 00:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-31 09:10 - 2021-01-15 23:20 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-28 10:21 - 2020-06-14 09:30 - 000000000 ____D C:\Program Files\Java
2021-08-28 10:21 - 2020-04-19 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-08-28 10:20 - 2020-04-19 22:45 - 000000000 ____D C:\Program Files (x86)\Java
2021-08-28 10:15 - 2020-06-14 09:30 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-08-28 10:14 - 2020-04-19 22:45 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-08-27 19:38 - 2020-01-31 19:57 - 000000000 ____D C:\games
2021-08-27 16:55 - 2021-07-01 15:55 - 000000000 ____D C:\Users\Petrk\AppData\Local\OriginalApplicationSetup
2021-08-27 16:55 - 2020-02-07 11:38 - 000000000 ____D C:\Program Files (x86)\uTorrent
2021-08-27 08:39 - 2020-04-24 10:29 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-08-27 08:39 - 2020-03-28 23:57 - 002163152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-08-27 08:39 - 2020-03-28 23:57 - 000307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-08-27 08:39 - 2020-03-28 23:57 - 000213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-08-27 08:39 - 2020-03-28 23:57 - 000188856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-08-27 08:39 - 2020-03-28 23:57 - 000061904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe

==================== Files in the root of some directories ========

2021-05-18 13:32 - 2021-09-25 16:42 - 000000032 _____ () C:\Users\Petrk\AppData\Roaming\.machineId
2021-06-26 12:02 - 2021-07-02 16:07 - 095884942 _____ () C:\Users\Petrk\AppData\Roaming\gta5_patch.bin
2020-12-07 19:48 - 2020-12-07 20:20 - 000000099 _____ () C:\Users\Petrk\AppData\Roaming\LauncherSettings_live.cfg
2021-06-26 12:02 - 2021-06-26 12:02 - 000332800 _____ () C:\Users\Petrk\AppData\Roaming\patcher.dll
2020-12-07 19:51 - 2020-12-07 19:51 - 000002577 _____ () C:\Users\Petrk\AppData\Roaming\TheHunterSettings_live.bin
2020-12-07 19:54 - 2020-12-07 19:55 - 000000050 _____ () C:\Users\Petrk\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-04-06 02:18 - 2020-04-06 02:18 - 000407216 _____ () C:\Users\Petrk\AppData\Local\ars.cache
2020-04-06 02:20 - 2020-04-06 02:20 - 001135712 _____ () C:\Users\Petrk\AppData\Local\census.cache
2020-04-06 00:43 - 2020-04-06 00:43 - 000000036 _____ () C:\Users\Petrk\AppData\Local\housecall.guid.cache
2021-05-12 19:07 - 2021-05-12 19:07 - 000000410 _____ () C:\Users\Petrk\AppData\Local\oobelibMkey.log
2020-07-09 23:03 - 2021-04-10 11:15 - 000003668 _____ () C:\Users\Petrk\AppData\Local\PlariumPlay.log
2020-07-29 17:44 - 2020-07-29 17:44 - 000007598 _____ () C:\Users\Petrk\AppData\Local\Resmon.ResmonCfg
2020-04-06 01:35 - 2020-04-06 01:35 - 000000010 _____ () C:\Users\Petrk\AppData\Local\sponge.last.runtime.cache
2020-01-30 11:48 - 2020-01-30 11:49 - 000011654 _____ () C:\Users\Petrk\AppData\Local\WiDiSetupLog.20200130.104832.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zpomalený PC

Napsal: 26 zář 2021 12:54
od pitrisin
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by Petrk (26-09-2021 13:35:13)
Running from C:\Users\Petrk\Desktop
Windows 10 Pro Version 21H1 19043.1237 (X64) (2020-11-05 19:17:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-438706691-1456983326-2169936386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-438706691-1456983326-2169936386-503 - Limited - Disabled)
Guest (S-1-5-21-438706691-1456983326-2169936386-501 - Limited - Disabled)
Petrk (S-1-5-21-438706691-1456983326-2169936386-1001 - Administrator - Enabled) => C:\Users\Petrk
postgres (S-1-5-21-438706691-1456983326-2169936386-1002 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-438706691-1456983326-2169936386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe After Effects CC 2019 (HKLM-x32\...\AEFT_16_0) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Apowersoft Video Konvertor V4.8.4.24 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.4.24 - APOWERSOFT LIMITED)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.3.10678.4990 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.12.5655.2712 - Avast Software)
Avira Unerase Personal (HKLM-x32\...\Avira Unerase Personal) (Version: - )
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
Barn Finders (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Barn Finders) (Version: - HOODLUM)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Ben and Ed - Blood Party (HKLM\...\YmVuYW5kZWRibG9vZHBhcnR5_is1) (Version: 1 - )
BitTorrent (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.)
Blackmagic RAW Common Components (HKLM\...\{0F3BD969-5F12-4734-A4EF-91B30FB9B1D5}) (Version: 2.0 - Blackmagic Design)
Blitz (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.15.50 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
DaVinci Resolve (HKLM\...\{71FDE96C-DE54-4BFB-83CF-0C000C7602A6}) (Version: 17.0.00018 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{79BE47CF-4B6B-428D-9313-3DFD1924FB97}) (Version: 1.5.0.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\DiscordPTB) (Version: 1.0.1008 - Discord Inc.)
Drug Dealer Simulator (HKLM-x32\...\Drug Dealer Simulator_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
Esportal Client (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Esportal Client Installer) (Version: - Esportal)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fall Guys Tracker (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Overwolf_boagepiocdhgngpcogedeaomcdiomjhomdkjjepm) (Version: 0.1.64 - Overwolf app)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.14.2.3973 - Softdeluxe)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
G-Loot (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Overwolf_ilhhbpdpcedbknejiojcocmkjjmbigfbajehlipi) (Version: 5.1.32 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
Grand Theft Auto: San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.0.0.22 - Rockstar Games)
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.175 - Riot Games, Inc.)
HLAE (HKLM-x32\...\{EBBAA9C4-621F-4440-B12C-0D30E28BC95D}) (Version: 2.113.9 - advancedfx.org)
HLAE Installer (HKLM-x32\...\{f019abd3-6ecf-4d67-ad89-970d1c2be921}) (Version: 2.113.9 - advancedfx.org)
House Flipper HGTV (HKLM-x32\...\House Flipper HGTV_is1) (Version: - )
Chatterino version default (HKLM\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: default - Daniel Schnabel)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kobra 11 Nitro (HKLM-x32\...\{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1) (Version: 3.0.0.CZ - US - ACTION, s.r.o.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games)
LEGO® Star Wars™ - The Complete Saga (HKLM-x32\...\1731318270_is1) (Version: 1.0 - GOG.com)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Lost Relics (HKLM-x32\...\Lost Relics 000173) (Version: 000173 - Codebit Labs)
Magic Bullet Suite v13.0.2 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.2 - Red Giant, LLC)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Mavis Hub 1.3.0 (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\{cc9e8b63-ffef-5371-bb50-2dfd3e6be1f2}) (Version: 1.3.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Office Mondo 2016 - cs-cz (HKLM\...\MondoRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Office Mondo 2016 - en-us (HKLM\...\MondoRetail - en-us) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 44.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 44.0.0 - Moritz Bunkus)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.102.48654 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.180.0.5 - Overwolf Ltd.)
Pavtube Video Converter Ultimate Ver 4.9.3.0 (HKLM-x32\...\{682B3199-76C3-4745-B7AE-FC13F6676421}_is1) (Version: - )
Peace (HKLM\...\Peace) (Version: 1.5.2.0 - P.E. Verbeek)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games)
Simcity version 10.1.0.0 (HKLM-x32\...\Simcity_is1) (Version: 10.1.0.0 - Mr DJ)
SMG Music Display version 2.23 (HKLM-x32\...\{931AA4E3-45FE-4182-B85D-A5AF229435B1}_is1) (Version: 2.23 - Streamsoft)
SPORE Collection (HKLM-x32\...\SPORE Collection_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Streamer Life Simulator (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Streamer Life Simulator) (Version: - HOODLUM)
Streamlabs OBS 0.19.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.19.4 - General Workings, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Thief Simulator (HKLM-x32\...\Thief Simulator_is1) (Version: - )
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Universe (HKLM\...\Universe v3.0.2) (Version: - Red Giant LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VEGAS Pro 16.0 (HKLM\...\{0A119E00-A098-11E8-A73C-00155D6302F2}) (Version: 16.0.248 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-26] (Adobe Systems Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2021-09-26] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C94526CBE9FF} -> [Creative Cloud Files] => C:\Users\Petrk\Creative Cloud Files [2021-05-13 08:11]
CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Roll Back Shell Extention] -> {A51DA762-BDD7-11D5-973D-C0539E56E216} => C:\Program Files (x86)\Avira\Unerase\ciasvrue.dll [2006-07-26] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6-x32: [Roll Back Shell Extention] -> {A51DA762-BDD7-11D5-973D-C0539E56E216} => C:\Program Files (x86)\Avira\Unerase\ciasvrue.dll [2006-07-26] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2011-10-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2011-10-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gala Games Web Application.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mapmolmdehlbdldnpoaadfmhnmaidfld

==================== Loaded Modules (Whitelisted) =============

2021-07-01 16:02 - 2021-05-21 12:41 - 000078336 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\downloadsbatch.dll
2021-07-01 16:02 - 2021-05-21 12:42 - 003211776 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\downloadsbt.dll
2021-07-01 16:02 - 2021-05-21 12:42 - 000488448 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\downloadsms.dll
2021-07-01 16:02 - 2021-05-21 12:42 - 000273408 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\downloadswww.dll
2021-07-01 16:02 - 2021-05-21 12:38 - 000033792 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\logger.dll
2021-07-01 16:02 - 2021-05-21 12:41 - 000337920 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\vmsclshared.dll
2021-07-01 16:02 - 2021-05-21 12:39 - 000040960 _____ (Softdeluxe) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\winunivappfeatures.dll
2021-07-01 16:02 - 2020-05-27 22:16 - 002837504 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\libcrypto-1_1-x64.dll
2021-07-01 16:02 - 2020-05-27 22:16 - 000681472 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\libssl-1_1-x64.dll
2021-07-01 16:02 - 2021-05-21 12:42 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1748]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-03-24 21:21 - 2018-03-24 21:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-01-26 14:28 - 2020-01-30 11:57 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-L4K2NGD.mshome.net # 2025 1 2 28 9 57 28 770
192.168.137.140 LGwebOSTV.mshome.net # 2020 2 4 6 9 57 28 748

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petrk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thumb-1920-561044.jpg
HKU\S-1-5-21-438706691-1456983326-2169936386-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "zenvpn"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "PlariumPlay"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "DiscordPTB"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-438706691-1456983326-2169936386-1002\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8A6A076D-A2A1-4B69-9048-B7AE75B1E24A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D536D4F4-C544-4F8D-99DF-E1D43FC71C63}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D8FA5C4E-CDB0-41F9-9EBA-7508015BCCF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{10FD5212-C6AD-4A2F-ABAF-1F74B0AEAA93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4588DABA-EB6D-40A4-95B5-DCA7EEA146A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{1F742208-B528-45B5-B513-1E1D65DF006C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{3B5CB858-7CC6-4A7C-B964-503AD959A598}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{BC1C7687-7ADE-4345-93A6-19AACB16CF56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query User{2E6FBD3A-2ABA-4AB6-91C4-B8289688C708}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Allow) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.)
FirewallRules: [TCP Query User{B273010F-E12D-4DD0-92ED-C908AB3B7DCC}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Allow) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.)
FirewallRules: [{A0E39E48-8C54-4564-9CDF-20F0B206240E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{D9897B4F-D850-4587-AEDB-4424B8C2A6A8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{EB1DD6ED-E297-46F1-817A-9648744419F8}] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{90D0409C-03B3-4887-BCD5-99CC66E7D0FD}] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{9FAD2578-87A8-4C18-8B3F-D94B489E96EE}C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{BC6F1186-9873-411A-BF74-D4DB44C5DFDC}C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{54C0CE6B-CF15-48FD-B37C-3637D7F67220}C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{4C040E9D-AFAC-4DCF-80F2-5F3B19F530E2}C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{AD143FA4-9835-4C2F-868C-80A0648C61FE}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{BBE96638-0642-44A3-9616-62B558F07D77}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{4A870036-A08E-4421-8717-42C08FCAF4CD}C:\users\petrk\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petrk\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{709F8A75-FF36-43CD-AA11-909A837B5789}C:\users\petrk\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petrk\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{67B9A843-6A4D-4CE1-B66C-8B2E103B9057}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1DD31CE-28A0-41CA-B435-182E00EC13CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CE50159-DC27-42C9-B778-BB33B4C0053C}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{CAB35116-6F6B-4F89-962D-ACE80A9AB44E}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{3832726A-880D-45EE-A1F8-1AFDDAFD80F0}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{04152DE3-453A-41FA-8D47-E30C66E462B6}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{D4032119-E758-442C-B2E9-21341235C420}] => (Block) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{33194180-4082-4CBE-A815-146DAC97DF83}] => (Block) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{9CF85E16-E6D8-453E-88D7-EEA5CAA038F0}C:\riot games\pbe\game\league of legends.exe] => (Allow) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{7680DE8F-C25C-47A2-8B89-BD3A8B485D06}C:\riot games\pbe\game\league of legends.exe] => (Allow) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{249E1307-61BE-4018-9692-6481BD63755F}C:\users\petrk\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petrk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{116E50DC-43CB-4658-9F08-CB4A972E8EC6}C:\users\petrk\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petrk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{BD9428D6-52F5-4115-8BD4-CE543B68EEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{EE05112D-F51D-420B-85A0-56A97EAA4CA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9D2C2BA3-EFB8-4763-A7F0-75043B77B267}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5244BDF0-1E92-4669-B8DC-C4833E30E735}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A297D50C-C140-401C-9FF9-FB6EA7D68264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A3A186FE-47BE-4438-B848-6C73C64E9FFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{70C04786-EC77-4E5E-B53F-6E2ED6ED63F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EF19584A-82A3-442E-9567-EA5A231DA016}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{15C61252-344D-4C16-A383-7470BB20DAE5}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D9337BF7-C0AD-4E40-B9CC-EB6840DB6D86}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{E5EC1695-193E-4851-A243-FB8A9FDA085B}] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{81C5B261-C0B5-4A8C-A15D-0B71AF5751EE}] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3ABE1E16-A536-4A03-8F3C-53B191CEECC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2D10D19F-306A-4FEF-BE8F-C5F433F8B568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{DA02A034-F70B-438B-AA08-15D6200DDC7E}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{849BDCD6-35EE-4763-88F8-7E57DDDC9B11}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{16BC4C90-1AAF-4463-99E2-F320A988805E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E2364338-5CBD-4D57-A658-494F36D0A8AF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{5DFB561A-4B64-4985-AE7C-6981192BDD81}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{62FDAE62-DB26-45C4-B9D2-B32974BD0F38}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4BB1E6DB-F487-47A1-A82E-28229467DC1D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F027606C-C517-4EDB-8287-F4D9AA1203D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{96527DB2-7627-48A6-A027-87575548E302}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{BE8814FC-20C8-45F8-97A5-E9D9783CFE3A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{8787A23F-DE81-4C66-99A6-CF25D6029F95}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{FB70548B-091F-41D5-9EFC-7471FCF204A6}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A45C7C6C-6AD9-4690-B0B4-FCFB749E855D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7F1C60E4-5D79-49D6-9365-293BBFF784AB}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{38EDDF95-5BFC-4C8F-AC7E-A68932EA9532}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{A5A43F35-6E98-4313-9042-1FA082C1E7C2}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{5EFF46E7-1295-4CB4-8E0C-C68AD34E4842}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{569CE3A5-4654-4692-969B-15D4DDB5C7B5}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{EEC3D3FF-8C08-48E8-9DB5-439D6532420E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E416C0FE-1BB8-4924-882C-CB510EA2DA12}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{36D9A6C6-8931-46A8-BDDD-E8B8698C85D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{552839FF-7D9C-4FE9-B708-5D888AF04623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{EA2CDD57-04E0-4FD2-952E-ABE3B27874CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11481EAB-F595-4B85-AA83-4DCAC190615E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F711B876-7BF4-41E8-AECF-CD3ACED31EDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F102E9EC-E2B2-46E5-A9D0-547360BA2C39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D5C31519-F810-487C-8BF3-4A3DE4CF3659}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{1F543120-0C34-45E6-AABC-732000DACB6A}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3F0356DB-388D-4F7A-9044-9A093A522753}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{80EE797E-3B9F-4E24-B59F-EE1238C9F657}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{82EDD73F-25AB-4CBF-8973-DC5D8A113021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit)
FirewallRules: [{6951F7FF-F450-4967-8BB1-DC3A91482E54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit)
FirewallRules: [{2F8B1AC3-7534-4C5B-8048-5948AB98DC93}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{CD8D031A-3B94-4B92-9FB1-452417736920}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{49BB5B34-0F5B-4960-A5E6-C66149AF4AAB}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{BB47F15C-8E0A-4E29-B79E-8FE9B26234E1}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [TCP Query User{DDA22382-52D1-4ABC-B2C5-E38BD0A69B8F}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{62B950C9-7E8B-485F-A69E-4415EB39D856}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{E08F52F9-E85A-4C52-A05B-7A4D7C6AFB6E}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{79E8384D-673B-4036-AEAD-47D2A7FA0475}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A67D2082-008F-42B9-B137-6E3A37152EF6}C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe] => (Allow) C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe () [File not signed]
FirewallRules: [UDP Query User{AA7FE62A-0ACD-4547-8A61-51D75867FC3E}C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe] => (Allow) C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe () [File not signed]
FirewallRules: [{8A5144EB-8FFF-4333-8941-3668F77413DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C22F8AF0-B71A-43AB-BAAE-728945FE6045}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B162142-31CE-4092-A9DA-CEEE789BD51D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{83A203E9-B9FD-414C-A847-DCF94C634366}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43D0F671-F1F5-4D62-B4CA-C428887CCC95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0704CD5D-6D83-4F0F-9194-FFBDD6CB148B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{28CE21AC-2FD5-4869-B4B3-C54182F55291}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EEDA235-22DD-456E-834A-3BF396B65B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [{774DFA99-F34E-4654-B052-E6129FF4A7BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [{995CF0E5-F5B6-47C2-B406-F5F2B067AD2A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{37176976-B56A-4C7A-838F-927DF330D37F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ACD0A27E-0AE9-4FDD-93A1-51708901F6CE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{72D59E07-792D-470A-BE6F-8A235AAC6DB5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D628E9CB-4C0B-45B1-8AB4-F384E5A5FA23}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C8575C6-5DB5-41CC-85FE-51C6255C3925}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B6DE2533-19DB-49A8-8BCD-D6424DB21FBE}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0C1FA62A-E41B-4934-97A6-0199F18E0E98}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{45D96E22-6811-47EC-8101-95C536AF31D5}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{7E6F32BA-1BCC-4C53-85CB-E859461E70AB}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{596BE9E4-C077-49E7-BB7B-C5F92E9181CF}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2A7056B6-335B-4A70-B747-8BA562D3901E}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{415ACDC0-90D0-42A8-AD94-AD66171A3528}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A73A4886-558C-482B-842B-0A7B0EBED327}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D081AE70-8E2A-469B-889B-13B897A18154}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F184E3A5-67CF-4FBF-B350-ADDC8DBC8017}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D24CF11D-D05C-466C-B53D-B0159EFBD248}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{80F52781-A998-48CA-ACE1-E874E8019534}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F29F114B-0932-4AB5-8C27-EB7E7444E4F6}] => (Allow) C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A4DFB3C0-6A35-4870-AA54-9BA4123BB758}] => (Allow) C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{951A86A9-73FF-48E7-86ED-6DF644E7C9DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{596BC8C6-39DC-4299-B8A8-5EC2CFB975E2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BEC37E7A-870F-4C62-8ED7-48999B404458}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6EFF9E4E-D3CD-41F5-A731-35907DB4E3D3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

24-09-2021 17:34:32 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
26-09-2021 11:08:24 Operace obnovení

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/26/2021 01:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program unerase.exe verze 1.2.1.2 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 28d4

Čas spuštění: 01d7b2c5a66ac009

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Avira\Unerase\unerase.exe

ID hlášení: 324228db-f265-41f7-b99a-2ba0c2b72fa4

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 01:12:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 22.9.2021.2 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3334

Čas spuštění: 01d7b2c643a61a76

Čas ukončení: 60000

Cesta k aplikaci: C:\Users\Petrk\Downloads\FRST64.exe

ID hlášení: b24cc20e-8b2b-47b6-bd5f-d8bbbe333666

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 12:44:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NVIDIA Share.exe verze 73.3683.1933.5 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2a80

Čas spuštění: 01d7b2c2ce0f4071

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe

ID hlášení: ef0d6300-ba65-4f73-8c00-70b386afd229

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 12:44:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.21072.161.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fd0

Čas spuštění: 01d7b2c220fe7e1f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21072.161.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 85f943eb-7f04-44c5-8bc1-4389c7c4fe34

Úplný název balíčku s chybou: Microsoft.YourPhone_1.21072.161.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (09/26/2021 12:38:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vgtray.exe, verze: 1.8.2.16, časové razítko: 0x612d4c86
Název chybujícího modulu: vgtray.exe, verze: 1.8.2.16, časové razítko: 0x612d4c86
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000701c4
ID chybujícího procesu: 0x1820
Čas spuštění chybující aplikace: 0x01d7b2c22cc38801
Cesta k chybující aplikaci: C:\Program Files\Riot Vanguard\vgtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Riot Vanguard\vgtray.exe
ID zprávy: a3796fe1-16e0-499b-9c5f-abc61453bf2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/26/2021 12:31:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3640,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU00030.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/26/2021 11:29:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (09/26/2021 11:29:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (09/26/2021 01:07:12 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-L4K2NGD)
Description: 0x8000002a33\??\C:\FRST\s2Dd2En0Fe9K\SOFTWARE

Error: (09/26/2021 12:38:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (09/26/2021 12:38:31 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/26/2021 12:36:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (09/26/2021 12:32:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.StateRepository.ApplicationExtension se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/26/2021 12:31:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/26/2021 12:30:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:19:14, ‎24.‎09.‎2021) bylo neočekávané.

Error: (09/26/2021 11:29:15 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===============
Date: 2021-09-26 13:09:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-26 13:08:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F20 11/11/2016
Motherboard: Gigabyte Technology Co., Ltd. H110M-S2HP-CF
Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 67%
Total physical RAM: 8144.44 MB
Available physical RAM: 2622.71 MB
Total Virtual: 17360.44 MB
Available Virtual: 10192.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.38 GB) (Free:156.35 GB) NTFS

\\?\Volume{46029b4d-50e3-4957-bc8f-c0b2a31dc2bc}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{4b280e1e-daf8-44f3-842e-2a7f1ce8ec12}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{08ab3d1f-4e35-4487-85f6-dbaed34b5da3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zpomalený PC

Napsal: 26 zář 2021 16:40
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Zpomalený PC

Napsal: 26 zář 2021 17:51
od pitrisin
Zdravím, restart neproběhl, jen jsem tam měl nějaké nálezy, žádný repair tam taky nebyl. Díky

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-26-2021
# Duration: 00:00:41
# OS: Windows 10 Pro
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\Users\Petrk\AppData\Local\Temp\WebCompanion.zip

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1737 octets] - [26/09/2021 18:35:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Zpomalený PC

Napsal: 26 zář 2021 18:05
od Rudy
Nevadí, bylo smazáno. Dejte nové logy FRST+Addition.

Re: Zpomalený PC

Napsal: 27 zář 2021 08:17
od pitrisin
Zdravím, zasílám logy. Děkuji

Re: Zpomalený PC

Napsal: 27 zář 2021 08:17
od pitrisin
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by Petrk (administrator) on DESKTOP-L4K2NGD (Gigabyte Technology Co., Ltd. H110M-S2HP) (27-09-2021 08:52:03)
Running from C:\Users\Petrk\Desktop
Loaded Profiles: Petrk
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\AvBugReport.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2748696 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-05-13] (Adobe Inc. -> )
HKLM-x32\...\Run: [zenvpn] => C:\Program Files (x86)\ZenVPN OpenVPN bundle\bin\zenvpn.exe [9643265 2021-07-05] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Discord] => C:\Users\Petrk\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [com.blitz.app] => C:\Users\Petrk\AppData\Local\Programs\Blitz\Blitz.exe [122577672 2021-09-24] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33251808 2021-08-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Free Download Manager] => C:\Users\Petrk\AppData\Local\Softdeluxe\Free Download Manager\fdm.exe [4938752 2021-05-21] (Softdeluxe) [File not signed]
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-09-09] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [DiscordPTB] => C:\Users\Petrk\AppData\Local\DiscordPTB\Update.exe [1512096 2021-05-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Run: [bt] => C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe [2279976 2021-09-23] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {0fb1a98e-aa18-11ea-92c6-1c1b0d6559d7} - "D:\Autorun.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269ad-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269cb-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\xrhk1apps: C:\Windows\System32\spool\prtprocs\x64\xrhk1apps.dll [32768 2011-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 6015B Language Monitor: C:\WINDOWS\system32\xrhk1alm.dll [23040 2011-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-09-12]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {099FE9D5-AA48-460D-B938-38E5D539AD4E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {111CFCB1-9D9E-4CF6-85B4-12AF9206F1C3} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6098200 2021-07-30] (Avast Software s.r.o. -> Avast Software)
Task: {13138879-A237-4824-B2A2-8EF422B901F9} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6386968 2021-09-16] (Avast Software s.r.o. -> Avast Software)
Task: {1CFD1876-3CA0-4649-99C9-432C6FC45382} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D3A4A5E-8C0F-4073-8E66-DC252D6E5085} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {27E08082-B518-49CC-A938-04065D06BEEC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {2B867CD6-8116-4F23-B03B-06DCCAAEFB8F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-09-13] (Adobe Inc. -> Adobe)
Task: {311E82C5-E1AF-4D2A-A037-FBF3DF7AA562} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39E75219-DD57-4AC8-BFDF-FCD212B7F62F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50AB32BC-E1FE-4460-BC88-0F61986923C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Petrk" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-438706691-1456983326-2169936386-1001" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Overwolf Updater Task" /ENABLE
Task: {51528F70-28B5-4088-933C-A4AF35D8AB10} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {55C0234E-7DB1-4556-85DC-CD3B2EF6C8AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {60C174D7-9E39-4C2B-8567-03DE0FB4292F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {610D731F-11AE-43DF-B89F-66374B12E20B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66BD5410-53B2-47B2-8B5C-D2EAFCAA3007} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B3FC76C-3892-4FDE-BDC5-7DDBEA8B7E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {839C6E0F-BABE-4E9E-9923-EA442965A4AC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {8D662F95-2D6B-4579-91B1-4B90D27E8A4D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9D2643F1-7861-4BEA-93DD-DBBFB62F7B59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9D38966F-945D-4B7C-A41E-7FD799B03E1C} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1192216 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
Task: {A134A5CD-8C88-48CD-88DD-B9D59DD87D75} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4755224 2021-09-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid e1a85234-9cc0-4eba-9522-3fc33422dd4c
Task: {A2779BEF-A7CA-4079-A459-DBE053B5A7E5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {AB5DAAB9-5783-40F7-B533-7A328499A942} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE74F09B-2930-44F1-9F4B-E0C45723A689} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {AEE8D209-AFB0-4109-BAAD-88592F4287C5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B52F21C7-7C64-46D5-9EE9-09503C7B9FD7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6EACE23-2DE4-40DA-B47A-36EDFAD8E41C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-13] (Adobe Inc. -> Adobe)
Task: {BB8EA675-CD49-4378-824D-341B14A9DC37} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C288A388-238C-4654-B5AE-4ED149079CE6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D646E343-7EA8-4A56-89D7-15A2EBDDC6D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {DD1C29FB-EC12-48DF-B7CF-248861ADCEF3} - System32\Tasks\CCleanerSkipUAC - Petrk => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DF214B9C-AADA-4932-9DCE-00E8F12D52F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1F66D5C-C545-4127-938D-EFB7F08ECBF1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)
Task: {E231EF3E-520A-4ABB-8900-2BDE752C4C4C} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4760344 2021-09-12] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid e43a3ecd-1cc8-448e-9e61-c30cd7c04183
Task: {E3CE8369-8381-4F2C-B2A0-3666D35CEB0C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBF3A2C0-3932-4BB1-86ED-774BEDFA0E61} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F46A6BDC-0008-43C8-8660-74A30080E145} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDBC6147-79B9-4BFC-B4F5-A2FD118E26E0} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {FE53D70D-1893-4D83-BFD7-63F0E71E49AA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00ab76ad-373b-496c-9cf0-4588e453c289}: [DhcpNameServer] 10.8.0.1
Tcpip\..\Interfaces\{30135f4c-b012-40a3-8782-afaf0ab8d8cf}: [NameServer] 100.122.0.0
Tcpip\..\Interfaces\{34f189e7-70f0-4e10-ab08-7451bde8fc04}: [NameServer] 100.120.41.1
Tcpip\..\Interfaces\{bdfa07f8-f4f9-4a26-a3ed-28bb44b9ca41}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{bdfa07f8-f4f9-4a26-a3ed-28bb44b9ca41}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{caf344f0-9ad7-4230-b0ab-cf7003985567}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petrk\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-27]
Edge Extension: (IDM Integration Module) - C:\Users\Petrk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-11]
Edge HKU\S-1-5-21-438706691-1456983326-2169936386-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-10-30]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-09-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-09-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default [2021-09-27]
CHR Notifications: Default -> hxxps://bets.net; hxxps://csgo.fastcup.net; hxxps://csgo500.com; hxxps://csgoatse.com; hxxps://esportal.com; hxxps://kfc.cz; hxxps://www.tradingview.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.ramirocampos.pro; hxxps://www2a.delmarmora.pro
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... oogle.com/"
CHR DefaultSearchURL: Default -> hxxps://app.gala.games/favicon.ico
CHR Extension: (Prezentace) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-30]
CHR Extension: (Free Download Manager) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2021-08-08]
CHR Extension: (The FFZ Add-On Pack) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimboljphncldaakcnapfolgnjonlea [2021-05-26]
CHR Extension: (BetterTTV) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-09-23]
CHR Extension: (7TV) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2021-09-22]
CHR Extension: (Dokumenty) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-30]
CHR Extension: (Disk Google) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-30]
CHR Extension: (Steam Inventory Helper) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-06-11]
CHR Extension: (Black green shards) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojkleigdijnbfecdhjigpgalhfhkdee [2019-09-30]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-09-17]
CHR Extension: (FrankerFaceZ) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-09-30]
CHR Extension: (Tabulky) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-09-18]
CHR Extension: (Gala Games Web Application) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapmolmdehlbdldnpoaadfmhnmaidfld [2021-03-29]
CHR Extension: (FACEIT Enhancer) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokknliiomknodkdmpcellamkopbdmao [2021-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Esportal Enhancer) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmfkdaefegfpkolccopfmohncemakcj [2020-10-10]
CHR Extension: (Gmail) - C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Petrk\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-20]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-09-13] (Adobe Inc. -> Adobe)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-12] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1633048 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-05-06] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15049496 2021-09-20] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-07-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595888 2021-08-05] (EasyAntiCheat Oy -> Epic Games, Inc.)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-15] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)
S4 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1848624 2021-07-29] (Rockstar Games, Inc. -> Rockstar Games)
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8807704 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acdrv; C:\WINDOWS\system32\drivers\acdrv.sys [4670856 2020-04-25] (OnMoon Company LLC -> )
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1732736 2021-09-12] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [752768 2021-09-12] (Tencent Technology(Shenzhen) Company Limited -> ANTICHEATEXPERT.COM)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-09-12] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [56960 2021-09-12] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-09-12] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EspoDriver; C:\WINDOWS\system32\drivers\EspoDriver.sys [6146048 2021-09-15] (Esportal AB -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-09-30] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-27] (Malwarebytes Inc -> Malwarebytes)
S3 MpKslc794175d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5B7C841C-3E56-4E4D-9541-5BC198A31780}\MpKslDrv.sys [107752 2021-07-31] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-07] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-14] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-27 08:26 - 2021-09-27 08:26 - 000000000 _____ C:\WINDOWS\WMSysPp1020
2021-09-26 19:17 - 2021-09-26 19:24 - 000066110 _____ C:\Users\Petrk\Downloads\Addition.txt
2021-09-26 19:10 - 2021-09-26 19:24 - 000066003 _____ C:\Users\Petrk\Downloads\FRST.txt
2021-09-26 18:33 - 2021-09-26 18:34 - 008553680 _____ (Malwarebytes) C:\Users\Petrk\Downloads\AdwCleaner.exe
2021-09-26 14:56 - 2021-09-26 11:02 - 000008318 _____ C:\Users\Petrk\Desktop\GSS_Stats_76561197960267366.sav
2021-09-26 14:43 - 2021-09-26 10:59 - 001014300 _____ C:\Users\Petrk\Desktop\AutoSave.sav
2021-09-26 14:39 - 2021-09-26 14:39 - 000000000 ____D C:\Users\Petrk\Downloads\Yeni WinRAR ZIP archive
2021-09-26 13:07 - 2021-09-22 22:33 - 002304512 _____ (Farbar) C:\Users\Petrk\Desktop\FRST64.exe
2021-09-26 12:59 - 2021-09-26 12:59 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira Unerase Personal
2021-09-26 12:53 - 2021-09-26 12:53 - 000002076 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2021-09-26 12:46 - 2021-09-07 12:35 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-26 12:30 - 2021-09-26 12:31 - 000303960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-26 11:25 - 2021-09-26 11:25 - 000000000 ____D C:\Program Files (x86)\Avira
2021-09-24 13:18 - 2021-09-24 13:18 - 000000000 ____D C:\Users\Petrk\Downloads\AGFY-GAS STATION SIM
2021-09-23 21:39 - 2021-09-24 00:16 - 000000000 ____D C:\Users\Petrk\Downloads\Gas Station Simulator
2021-09-23 21:35 - 2021-09-23 21:35 - 003567649 _____ C:\Users\Petrk\Downloads\Gas.Station.Simulator.v1.0.1.37785.torrent
2021-09-23 20:37 - 2021-09-23 20:37 - 000000000 ____D C:\Users\Public\Documents\Steam
2021-09-23 20:37 - 2021-09-23 20:37 - 000000000 ____D C:\Users\Petrk\AppData\Local\GSS2
2021-09-23 19:18 - 2021-09-23 20:17 - 000000000 ____D C:\Users\Petrk\Downloads\Gas Station Simulator 1
2021-09-23 19:15 - 2021-09-23 19:15 - 003568389 _____ C:\Users\Petrk\Downloads\Gas.Station.Simulator.v1.0.1.37829.torrent
2021-09-23 19:13 - 2021-09-24 00:18 - 000000000 ____D C:\Users\Petrk\AppData\Local\BitTorrentHelper
2021-09-23 19:12 - 2021-09-24 09:38 - 000001103 _____ C:\Users\Petrk\Desktop\BitTorrent.lnk
2021-09-23 19:12 - 2021-09-24 00:19 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\BitTorrent
2021-09-23 19:11 - 2021-09-23 19:11 - 000000000 ____D C:\Users\Petrk\AppData\Local\Adaware
2021-09-23 19:10 - 2021-09-23 19:11 - 004932568 _____ (BitTorrent Inc.) C:\Users\Petrk\Downloads\BitTorrent.exe
2021-09-22 22:33 - 2021-09-22 22:33 - 002304512 _____ (Farbar) C:\Users\Petrk\Downloads\FRST64.exe
2021-09-22 19:12 - 2021-09-22 19:12 - 000330494 _____ C:\Users\Petrk\Downloads\Yeni WinRAR ZIP archive.zip
2021-09-19 11:58 - 2021-09-20 09:49 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\EasyAntiCheat
2021-09-17 00:47 - 2021-09-17 00:47 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 00:47 - 2021-09-17 00:47 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 00:47 - 2021-09-17 00:47 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 00:47 - 2021-09-17 00:47 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 00:46 - 2021-09-17 00:46 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 00:46 - 2021-09-17 00:46 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 00:46 - 2021-09-17 00:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 00:46 - 2021-09-17 00:46 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 00:45 - 2021-09-17 00:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 00:45 - 2021-09-17 00:45 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 00:45 - 2021-09-17 00:45 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 00:45 - 2021-09-17 00:45 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 00:45 - 2021-09-17 00:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 00:44 - 2021-09-17 00:44 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 00:44 - 2021-09-17 00:44 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 00:44 - 2021-09-17 00:44 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 00:44 - 2021-09-17 00:44 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 00:44 - 2021-09-17 00:44 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 00:43 - 2021-09-17 00:43 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 00:43 - 2021-09-17 00:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 00:43 - 2021-09-17 00:43 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 23:52 - 2021-09-16 23:52 - 000000000 ___HD C:\$WinREAgent
2021-09-16 19:10 - 2021-09-16 19:10 - 1860610614 _____ C:\Users\Petrk\Downloads\AGFY-GAS STATION SIM.rar
2021-09-15 22:45 - 2021-09-26 12:23 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\discordptb
2021-09-15 22:44 - 2021-09-26 11:39 - 000000000 ____D C:\Users\Petrk\AppData\Local\DiscordPTB
2021-09-15 22:34 - 2021-09-15 22:36 - 000000000 ____D C:\Users\Petrk\AppData\Local\Discord
2021-09-15 01:50 - 2021-09-15 01:50 - 000000000 ____D C:\Users\Petrk\Downloads\ACLib
2021-09-14 21:12 - 2021-09-14 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2021-09-14 21:10 - 2021-09-14 21:12 - 000000000 ____D C:\Program Files\Kobra 11 Nitro
2021-09-14 01:59 - 2021-09-20 09:49 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\dvdcss
2021-09-13 08:45 - 2021-09-16 17:05 - 000000000 ____D C:\Users\Petrk\Desktop\GAMES
2021-09-13 08:39 - 2021-09-27 08:29 - 000003774 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-13 08:39 - 2021-09-27 08:29 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-09-13 08:39 - 2021-09-13 08:39 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-09-13 08:39 - 2021-09-13 08:39 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-09-13 08:39 - 2021-09-13 08:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-09-12 16:28 - 2021-09-12 16:28 - 000000000 ____D C:\WINDOWS\Panther
2021-09-12 15:07 - 2021-09-26 12:23 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-09-12 15:07 - 2021-09-12 15:07 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-09-12 14:34 - 2021-09-26 12:53 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-09-12 14:29 - 2021-09-12 14:29 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-09-12 14:29 - 2021-09-12 14:29 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-09-12 14:29 - 2021-09-12 14:28 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-12 14:28 - 2021-09-16 16:40 - 000000000 ____D C:\Program Files (x86)\Avast Software
2021-09-12 14:27 - 2021-09-27 08:29 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-09-12 14:27 - 2021-09-16 18:52 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-09-12 14:27 - 2021-09-12 14:27 - 000056960 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000037104 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\aswWintun.sys
2021-09-12 14:27 - 2021-09-12 14:27 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2021-09-10 22:22 - 2021-09-10 22:22 - 000000013 _____ C:\Users\Petrk\Desktop\valorant SENSI..txt
2021-09-08 22:20 - 2021-09-08 22:20 - 000000072 _____ C:\WINDOWS\system32\AdsInfoCls
2021-09-08 19:01 - 2021-09-08 19:01 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\GMEGLOBAL
2021-09-08 16:33 - 2021-09-16 16:38 - 000000000 ____D C:\Program Files\AntiCheatExpert
2021-09-08 16:33 - 2021-09-12 17:33 - 001732736 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys
2021-09-08 16:33 - 2021-09-12 17:33 - 000752768 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-GAME.sys
2021-09-08 16:32 - 2021-09-12 17:54 - 000000000 ____D C:\ProgramData\AntiCheatExpert
2021-09-08 16:18 - 2021-09-08 16:42 - 000000000 ____D C:\Users\Petrk\AppData\Local\Tiger
2021-09-07 12:36 - 2021-09-07 12:35 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-05 09:01 - 2021-09-10 17:50 - 000000000 ____D C:\Users\Petrk\AppData\LocalLow\IGDump
2021-09-02 18:27 - 2021-09-15 21:39 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\cookie-electron
2021-09-02 17:50 - 2021-09-02 17:50 - 000000223 _____ C:\Users\Petrk\Desktop\Cookie Clicker.url

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-27 08:57 - 2021-05-20 14:23 - 000041277 _____ C:\Users\Petrk\Desktop\FRST.txt
2021-09-27 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-27 08:54 - 2021-05-20 14:11 - 000000000 ____D C:\FRST
2021-09-27 08:52 - 2020-04-06 02:04 - 000000000 ____D C:\Program Files\CCleaner
2021-09-27 08:46 - 2020-11-05 20:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-27 08:46 - 2019-09-30 17:57 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-27 08:45 - 2020-11-05 21:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-27 08:39 - 2019-09-30 19:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-27 08:32 - 2019-09-30 16:21 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-27 08:29 - 2021-08-19 09:55 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Petrk
2021-09-27 08:29 - 2021-07-16 01:04 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-27 08:29 - 2021-07-16 01:04 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-27 08:29 - 2021-07-13 22:38 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-09-27 08:29 - 2020-11-06 08:41 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-09-27 08:29 - 2020-11-05 21:16 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-27 08:29 - 2020-11-05 21:16 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-27 08:29 - 2020-11-05 21:16 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-438706691-1456983326-2169936386-1001
2021-09-27 08:29 - 2020-11-05 21:16 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-27 08:29 - 2020-11-05 21:16 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-27 08:28 - 2020-04-10 21:12 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2021-09-27 08:27 - 2020-11-05 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-27 08:27 - 2020-11-05 20:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-26 22:31 - 2020-11-05 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-26 22:28 - 2019-09-30 18:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-26 22:07 - 2019-10-02 19:44 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Blitz
2021-09-26 22:06 - 2021-05-18 13:32 - 000000032 _____ C:\Users\Petrk\AppData\Roaming\.machineId
2021-09-26 21:56 - 2019-10-01 17:02 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-26 21:52 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-26 14:38 - 2019-10-04 23:05 - 000000000 ____D C:\Users\Petrk\AppData\Local\CrashDumps
2021-09-26 14:18 - 2020-11-05 20:47 - 000002377 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-26 13:50 - 2021-05-20 14:26 - 000066394 _____ C:\Users\Petrk\Desktop\Addition.txt
2021-09-26 13:18 - 2020-12-24 00:33 - 000000000 ____D C:\Users\postgres
2021-09-26 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-26 13:17 - 2020-06-06 13:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-26 13:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-26 12:46 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-26 12:33 - 2020-11-05 20:47 - 000000000 ____D C:\Users\Petrk
2021-09-26 12:23 - 2021-08-17 21:10 - 000000000 ____D C:\Program Files\Riot Vanguard
2021-09-26 12:23 - 2021-07-05 21:53 - 000000000 ____D C:\Program Files\TAP-Windows
2021-09-26 12:23 - 2021-04-01 17:32 - 000000000 ____D C:\Users\Petrk\AppData\Local\LostRelics
2021-09-26 12:23 - 2021-01-19 22:00 - 000000000 ____D C:\Users\Petrk\Desktop\zbytek
2021-09-26 12:23 - 2020-11-07 15:45 - 000000000 ___HD C:\GrandeDevice
2021-09-26 12:23 - 2020-06-17 12:55 - 000000000 ____D C:\Program Files (x86)\LEGO MARVEL Super Heroes
2021-09-26 12:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-26 11:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-09-25 17:54 - 2019-09-30 20:09 - 000000000 ____D C:\Users\Petrk\AppData\Local\D3DSCache
2021-09-24 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-24 10:08 - 2019-09-30 16:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 10:08 - 2019-09-30 16:26 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-24 09:38 - 2021-03-10 21:34 - 000002460 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mavis Hub.lnk
2021-09-24 09:38 - 2020-04-08 02:49 - 000002404 _____ C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-09-22 18:46 - 2021-07-13 22:37 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-09-20 09:49 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Local\SquirrelTemp
2021-09-17 22:18 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Discord
2021-09-17 15:27 - 2020-10-06 18:48 - 000000000 ____D C:\Program Files\esportal-client
2021-09-17 09:07 - 2020-11-05 21:00 - 002635886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-17 09:07 - 2020-10-29 09:37 - 000783992 _____ C:\WINDOWS\system32\perfh019.dat
2021-09-17 09:07 - 2020-10-29 09:37 - 000158144 _____ C:\WINDOWS\system32\perfc019.dat
2021-09-17 09:07 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-09-17 09:07 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-17 08:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-17 08:55 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-17 08:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-17 08:42 - 2019-12-07 16:35 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\TS3Client
2021-09-17 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-17 00:58 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-16 16:43 - 2021-07-13 22:34 - 000000000 ____D C:\Users\Petrk\AppData\Local\Overwolf
2021-09-16 16:41 - 2019-12-26 15:54 - 000000000 ____D C:\Program Files (x86)\GameforgeClient
2021-09-16 16:38 - 2019-10-17 16:12 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-16 16:22 - 2021-07-05 21:22 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2021-09-16 16:08 - 2021-04-11 17:38 - 000000000 ____D C:\Users\Petrk\Desktop\textove soubory
2021-09-16 03:02 - 2019-09-30 22:17 - 000000000 ____D C:\Users\Petrk\AppData\Local\ElevatedDiagnostics
2021-09-15 22:45 - 2019-10-01 19:45 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-09-15 15:59 - 2021-05-16 08:54 - 006146048 ____S C:\WINDOWS\system32\Drivers\EspoDriver.sys
2021-09-15 09:10 - 2019-09-30 16:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 08:46 - 2019-09-30 16:14 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-14 17:08 - 2020-05-16 14:32 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 02:29 - 2019-12-23 18:37 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\vlc
2021-09-14 01:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-13 08:47 - 2021-01-28 17:54 - 000000000 ____D C:\Users\Petrk\Desktop\obrazky
2021-09-13 08:42 - 2019-12-07 16:35 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-09-13 08:40 - 2019-10-01 16:23 - 000000000 ____D C:\Program Files\WinRAR
2021-09-13 08:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-09-12 21:56 - 2020-10-12 20:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 18:24 - 2020-11-05 21:16 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-09-12 17:57 - 2020-11-30 09:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b3a5a8889aed
2021-09-12 17:57 - 2020-11-05 21:16 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-12 17:57 - 2020-11-05 21:16 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-12 16:15 - 2021-05-12 19:38 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-09-12 16:12 - 2020-01-23 23:47 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\TeamViewer
2021-09-12 16:12 - 2019-12-23 22:35 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Sony
2021-09-12 16:12 - 2019-10-04 19:06 - 000000000 ____D C:\Users\Petrk\Documents\Euro Truck Simulator 2
2021-09-12 16:11 - 2021-07-24 23:29 - 000000000 ____D C:\Users\Petrk\Desktop\FiveM
2021-09-12 16:11 - 2020-02-29 17:03 - 000000000 ____D C:\Users\Petrk\Desktop\Adobe Illustrator CC 2019
2021-09-12 16:11 - 2019-10-20 09:31 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2021-09-12 15:52 - 2021-05-12 19:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-09-12 15:27 - 2019-10-01 21:11 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\AVAST Software
2021-09-12 15:27 - 2019-10-01 17:04 - 000000000 ____D C:\Program Files\AVAST Software
2021-09-12 14:42 - 2021-07-05 21:53 - 000000000 ____D C:\ProgramData\ZenVPN
2021-09-12 14:42 - 2021-07-05 21:53 - 000000000 ____D C:\Program Files (x86)\ZenVPN OpenVPN bundle
2021-09-12 14:27 - 2019-10-01 17:29 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-09-12 08:57 - 2021-05-03 15:46 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-09 17:05 - 2021-04-11 17:37 - 000000000 ____D C:\Users\Petrk\Desktop\Filmy
2021-09-08 16:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\tracing
2021-09-08 16:36 - 2019-09-30 20:09 - 000000000 ____D C:\ProgramData\Package Cache
2021-09-07 12:36 - 2019-10-01 17:29 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-07 12:35 - 2020-10-22 18:47 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-07 12:35 - 2019-10-01 17:29 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-04 19:05 - 2019-12-28 19:29 - 000000000 ____D C:\Users\Petrk\AppData\Roaming\obs-studio
2021-09-04 12:18 - 2020-09-21 00:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-31 09:10 - 2021-01-15 23:20 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-28 10:21 - 2020-06-14 09:30 - 000000000 ____D C:\Program Files\Java
2021-08-28 10:21 - 2020-04-19 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-08-28 10:20 - 2020-04-19 22:45 - 000000000 ____D C:\Program Files (x86)\Java
2021-08-28 10:15 - 2020-06-14 09:30 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-08-28 10:14 - 2020-04-19 22:45 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories ========

2021-05-18 13:32 - 2021-09-26 22:06 - 000000032 _____ () C:\Users\Petrk\AppData\Roaming\.machineId
2021-06-26 12:02 - 2021-07-02 16:07 - 095884942 _____ () C:\Users\Petrk\AppData\Roaming\gta5_patch.bin
2020-12-07 19:48 - 2020-12-07 20:20 - 000000099 _____ () C:\Users\Petrk\AppData\Roaming\LauncherSettings_live.cfg
2021-06-26 12:02 - 2021-06-26 12:02 - 000332800 _____ () C:\Users\Petrk\AppData\Roaming\patcher.dll
2020-12-07 19:51 - 2020-12-07 19:51 - 000002577 _____ () C:\Users\Petrk\AppData\Roaming\TheHunterSettings_live.bin
2020-12-07 19:54 - 2020-12-07 19:55 - 000000050 _____ () C:\Users\Petrk\AppData\Roaming\TheHunterSettings_steam_live.cfg
2020-04-06 02:18 - 2020-04-06 02:18 - 000407216 _____ () C:\Users\Petrk\AppData\Local\ars.cache
2020-04-06 02:20 - 2020-04-06 02:20 - 001135712 _____ () C:\Users\Petrk\AppData\Local\census.cache
2020-04-06 00:43 - 2020-04-06 00:43 - 000000036 _____ () C:\Users\Petrk\AppData\Local\housecall.guid.cache
2021-05-12 19:07 - 2021-05-12 19:07 - 000000410 _____ () C:\Users\Petrk\AppData\Local\oobelibMkey.log
2020-07-09 23:03 - 2021-04-10 11:15 - 000003668 _____ () C:\Users\Petrk\AppData\Local\PlariumPlay.log
2020-07-29 17:44 - 2020-07-29 17:44 - 000007598 _____ () C:\Users\Petrk\AppData\Local\Resmon.ResmonCfg
2020-04-06 01:35 - 2020-04-06 01:35 - 000000010 _____ () C:\Users\Petrk\AppData\Local\sponge.last.runtime.cache
2020-01-30 11:48 - 2020-01-30 11:49 - 000011654 _____ () C:\Users\Petrk\AppData\Local\WiDiSetupLog.20200130.104832.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zpomalený PC

Napsal: 27 zář 2021 08:18
od pitrisin
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by Petrk (27-09-2021 09:09:57)
Running from C:\Users\Petrk\Desktop
Windows 10 Pro Version 21H1 19043.1237 (X64) (2020-11-05 19:17:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-438706691-1456983326-2169936386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-438706691-1456983326-2169936386-503 - Limited - Disabled)
Guest (S-1-5-21-438706691-1456983326-2169936386-501 - Limited - Disabled)
Petrk (S-1-5-21-438706691-1456983326-2169936386-1001 - Administrator - Enabled) => C:\Users\Petrk
postgres (S-1-5-21-438706691-1456983326-2169936386-1002 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-438706691-1456983326-2169936386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe After Effects CC 2019 (HKLM-x32\...\AEFT_16_0) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Apowersoft Video Konvertor V4.8.4.24 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.4.24 - APOWERSOFT LIMITED)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.3.10678.4990 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.12.5655.2712 - Avast Software)
Avira Unerase Personal (HKLM-x32\...\Avira Unerase Personal) (Version: - )
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
Barn Finders (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Barn Finders) (Version: - HOODLUM)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Ben and Ed - Blood Party (HKLM\...\YmVuYW5kZWRibG9vZHBhcnR5_is1) (Version: 1 - )
BitTorrent (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.)
Blackmagic RAW Common Components (HKLM\...\{0F3BD969-5F12-4734-A4EF-91B30FB9B1D5}) (Version: 2.0 - Blackmagic Design)
Blitz (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.15.50 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
DaVinci Resolve (HKLM\...\{71FDE96C-DE54-4BFB-83CF-0C000C7602A6}) (Version: 17.0.00018 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{79BE47CF-4B6B-428D-9313-3DFD1924FB97}) (Version: 1.5.0.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\DiscordPTB) (Version: 1.0.1008 - Discord Inc.)
Drug Dealer Simulator (HKLM-x32\...\Drug Dealer Simulator_is1) (Version: - )
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
Esportal Client (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Esportal Client Installer) (Version: - Esportal)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fall Guys Tracker (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Overwolf_boagepiocdhgngpcogedeaomcdiomjhomdkjjepm) (Version: 0.1.64 - Overwolf app)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.14.2.3973 - Softdeluxe)
GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation)
G-Loot (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Overwolf_ilhhbpdpcedbknejiojcocmkjjmbigfbajehlipi) (Version: 5.1.32 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
Grand Theft Auto: San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.0.0.22 - Rockstar Games)
Grand Theft Auto: San Andreas (HKLM-x32\...\Grand Theft Auto: San Andreas) (Version: 1.0.0.22 - Rockstar Games)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.175 - Riot Games, Inc.)
HLAE (HKLM-x32\...\{EBBAA9C4-621F-4440-B12C-0D30E28BC95D}) (Version: 2.113.9 - advancedfx.org)
HLAE Installer (HKLM-x32\...\{f019abd3-6ecf-4d67-ad89-970d1c2be921}) (Version: 2.113.9 - advancedfx.org)
House Flipper HGTV (HKLM-x32\...\House Flipper HGTV_is1) (Version: - )
Chatterino version default (HKLM\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: default - Daniel Schnabel)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kobra 11 Nitro (HKLM-x32\...\{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1) (Version: 3.0.0.CZ - US - ACTION, s.r.o.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games)
LEGO® Star Wars™ - The Complete Saga (HKLM-x32\...\1731318270_is1) (Version: 1.0 - GOG.com)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Lost Relics (HKLM-x32\...\Lost Relics 000173) (Version: 000173 - Codebit Labs)
Magic Bullet Suite v13.0.2 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.2 - Red Giant, LLC)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Mavis Hub 1.3.0 (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\{cc9e8b63-ffef-5371-bb50-2dfd3e6be1f2}) (Version: 1.3.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Office Mondo 2016 - cs-cz (HKLM\...\MondoRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Office Mondo 2016 - en-us (HKLM\...\MondoRetail - en-us) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 44.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 44.0.0 - Moritz Bunkus)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 471.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.68 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.102.48654 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.180.0.5 - Overwolf Ltd.)
Pavtube Video Converter Ultimate Ver 4.9.3.0 (HKLM-x32\...\{682B3199-76C3-4745-B7AE-FC13F6676421}_is1) (Version: - )
Peace (HKLM\...\Peace) (Version: 1.5.2.0 - P.E. Verbeek)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games)
Simcity version 10.1.0.0 (HKLM-x32\...\Simcity_is1) (Version: 10.1.0.0 - Mr DJ)
SMG Music Display version 2.23 (HKLM-x32\...\{931AA4E3-45FE-4182-B85D-A5AF229435B1}_is1) (Version: 2.23 - Streamsoft)
SPORE Collection (HKLM-x32\...\SPORE Collection_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Streamer Life Simulator (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Streamer Life Simulator) (Version: - HOODLUM)
Streamlabs OBS 0.19.4 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.19.4 - General Workings, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.10.5 - TeamViewer)
Thief Simulator (HKLM-x32\...\Thief Simulator_is1) (Version: - )
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Universe (HKLM\...\Universe v3.0.2) (Version: - Red Giant LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VEGAS Pro 16.0 (HKLM\...\{0A119E00-A098-11E8-A73C-00155D6302F2}) (Version: 16.0.248 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-09-26] (Adobe Systems Incorporated)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-26] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-26] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2021-09-26] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C94526CBE9FF} -> [Creative Cloud Files] => C:\Users\Petrk\Creative Cloud Files [2021-05-13 08:11]
CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-438706691-1456983326-2169936386-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [Roll Back Shell Extention] -> {A51DA762-BDD7-11D5-973D-C0539E56E216} => C:\Program Files (x86)\Avira\Unerase\ciasvrue.dll [2006-07-26] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_799504293a3d3200\nvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-05-13] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6-x32: [Roll Back Shell Extention] -> {A51DA762-BDD7-11D5-973D-C0539E56E216} => C:\Program Files (x86)\Avira\Unerase\ciasvrue.dll [2006-07-26] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2011-10-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2011-10-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petrk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gala Games Web Application.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mapmolmdehlbdldnpoaadfmhnmaidfld

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1748]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-28] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-03-24 21:21 - 2018-03-24 21:19 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-01-26 14:28 - 2020-01-30 11:57 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-L4K2NGD.mshome.net # 2025 1 2 28 9 57 28 770
192.168.137.140 LGwebOSTV.mshome.net # 2020 2 4 6 9 57 28 748

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petrk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\thumb-1920-561044.jpg
HKU\S-1-5-21-438706691-1456983326-2169936386-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "zenvpn"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "PlariumPlay"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "DiscordPTB"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "bt"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-438706691-1456983326-2169936386-1002\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8A6A076D-A2A1-4B69-9048-B7AE75B1E24A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D536D4F4-C544-4F8D-99DF-E1D43FC71C63}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D8FA5C4E-CDB0-41F9-9EBA-7508015BCCF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{10FD5212-C6AD-4A2F-ABAF-1F74B0AEAA93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4588DABA-EB6D-40A4-95B5-DCA7EEA146A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{1F742208-B528-45B5-B513-1E1D65DF006C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{3B5CB858-7CC6-4A7C-B964-503AD959A598}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{BC1C7687-7ADE-4345-93A6-19AACB16CF56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query User{2E6FBD3A-2ABA-4AB6-91C4-B8289688C708}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Allow) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.)
FirewallRules: [TCP Query User{B273010F-E12D-4DD0-92ED-C908AB3B7DCC}C:\program files\vegas\vegas pro 16.0\vegas160.exe] => (Allow) C:\program files\vegas\vegas pro 16.0\vegas160.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.)
FirewallRules: [{A0E39E48-8C54-4564-9CDF-20F0B206240E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{D9897B4F-D850-4587-AEDB-4424B8C2A6A8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{EB1DD6ED-E297-46F1-817A-9648744419F8}] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{90D0409C-03B3-4887-BCD5-99CC66E7D0FD}] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{9FAD2578-87A8-4C18-8B3F-D94B489E96EE}C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{BC6F1186-9873-411A-BF74-D4DB44C5DFDC}C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe] => (Allow) C:\program files\ben and ed blood party\baebloodparty\binaries\win32\baebloodparty-win32-debuggame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{54C0CE6B-CF15-48FD-B37C-3637D7F67220}C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{4C040E9D-AFAC-4DCF-80F2-5F3B19F530E2}C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\petrk\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{AD143FA4-9835-4C2F-868C-80A0648C61FE}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{BBE96638-0642-44A3-9616-62B558F07D77}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{4A870036-A08E-4421-8717-42C08FCAF4CD}C:\users\petrk\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petrk\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{709F8A75-FF36-43CD-AA11-909A837B5789}C:\users\petrk\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\petrk\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{67B9A843-6A4D-4CE1-B66C-8B2E103B9057}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1DD31CE-28A0-41CA-B435-182E00EC13CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CE50159-DC27-42C9-B778-BB33B4C0053C}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{CAB35116-6F6B-4F89-962D-ACE80A9AB44E}] => (Allow) C:\Program Files (x86)\Mr DJ\Simcity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{3832726A-880D-45EE-A1F8-1AFDDAFD80F0}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{04152DE3-453A-41FA-8D47-E30C66E462B6}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{D4032119-E758-442C-B2E9-21341235C420}] => (Block) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{33194180-4082-4CBE-A815-146DAC97DF83}] => (Block) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{9CF85E16-E6D8-453E-88D7-EEA5CAA038F0}C:\riot games\pbe\game\league of legends.exe] => (Allow) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{7680DE8F-C25C-47A2-8B89-BD3A8B485D06}C:\riot games\pbe\game\league of legends.exe] => (Allow) C:\riot games\pbe\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{249E1307-61BE-4018-9692-6481BD63755F}C:\users\petrk\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petrk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{116E50DC-43CB-4658-9F08-CB4A972E8EC6}C:\users\petrk\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petrk\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{BD9428D6-52F5-4115-8BD4-CE543B68EEAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{EE05112D-F51D-420B-85A0-56A97EAA4CA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9D2C2BA3-EFB8-4763-A7F0-75043B77B267}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5244BDF0-1E92-4669-B8DC-C4833E30E735}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A297D50C-C140-401C-9FF9-FB6EA7D68264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{A3A186FE-47BE-4438-B848-6C73C64E9FFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{70C04786-EC77-4E5E-B53F-6E2ED6ED63F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EF19584A-82A3-442E-9567-EA5A231DA016}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{15C61252-344D-4C16-A383-7470BB20DAE5}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D9337BF7-C0AD-4E40-B9CC-EB6840DB6D86}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{E5EC1695-193E-4851-A243-FB8A9FDA085B}] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{81C5B261-C0B5-4A8C-A15D-0B71AF5751EE}] => (Block) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{3ABE1E16-A536-4A03-8F3C-53B191CEECC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2D10D19F-306A-4FEF-BE8F-C5F433F8B568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{DA02A034-F70B-438B-AA08-15D6200DDC7E}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{849BDCD6-35EE-4763-88F8-7E57DDDC9B11}C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{16BC4C90-1AAF-4463-99E2-F320A988805E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{E2364338-5CBD-4D57-A658-494F36D0A8AF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{5DFB561A-4B64-4985-AE7C-6981192BDD81}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{62FDAE62-DB26-45C4-B9D2-B32974BD0F38}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4BB1E6DB-F487-47A1-A82E-28229467DC1D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{F027606C-C517-4EDB-8287-F4D9AA1203D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{96527DB2-7627-48A6-A027-87575548E302}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{BE8814FC-20C8-45F8-97A5-E9D9783CFE3A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{8787A23F-DE81-4C66-99A6-CF25D6029F95}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{FB70548B-091F-41D5-9EFC-7471FCF204A6}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{A45C7C6C-6AD9-4690-B0B4-FCFB749E855D}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{7F1C60E4-5D79-49D6-9365-293BBFF784AB}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{38EDDF95-5BFC-4C8F-AC7E-A68932EA9532}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{A5A43F35-6E98-4313-9042-1FA082C1E7C2}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{5EFF46E7-1295-4CB4-8E0C-C68AD34E4842}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{569CE3A5-4654-4692-969B-15D4DDB5C7B5}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{EEC3D3FF-8C08-48E8-9DB5-439D6532420E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E416C0FE-1BB8-4924-882C-CB510EA2DA12}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{36D9A6C6-8931-46A8-BDDD-E8B8698C85D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{552839FF-7D9C-4FE9-B708-5D888AF04623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe () [File not signed]
FirewallRules: [{EA2CDD57-04E0-4FD2-952E-ABE3B27874CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11481EAB-F595-4B85-AA83-4DCAC190615E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F711B876-7BF4-41E8-AECF-CD3ACED31EDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F102E9EC-E2B2-46E5-A9D0-547360BA2C39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D5C31519-F810-487C-8BF3-4A3DE4CF3659}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{1F543120-0C34-45E6-AABC-732000DACB6A}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{3F0356DB-388D-4F7A-9044-9A093A522753}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{80EE797E-3B9F-4E24-B59F-EE1238C9F657}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{82EDD73F-25AB-4CBF-8973-DC5D8A113021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit)
FirewallRules: [{6951F7FF-F450-4967-8BB1-DC3A91482E54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit)
FirewallRules: [{2F8B1AC3-7534-4C5B-8048-5948AB98DC93}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{CD8D031A-3B94-4B92-9FB1-452417736920}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{49BB5B34-0F5B-4960-A5E6-C66149AF4AAB}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [{BB47F15C-8E0A-4E29-B79E-8FE9B26234E1}] => (Allow) C:\Program Files\esportal-client\esportal-client.exe (Esportal AB -> Esportal AB)
FirewallRules: [TCP Query User{DDA22382-52D1-4ABC-B2C5-E38BD0A69B8F}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{62B950C9-7E8B-485F-A69E-4415EB39D856}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{E08F52F9-E85A-4C52-A05B-7A4D7C6AFB6E}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{79E8384D-673B-4036-AEAD-47D2A7FA0475}C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\program files\epic games\gtav\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A67D2082-008F-42B9-B137-6E3A37152EF6}C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe] => (Allow) C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe () [File not signed]
FirewallRules: [UDP Query User{AA7FE62A-0ACD-4547-8A61-51D75867FC3E}C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe] => (Allow) C:\users\petrk\downloads\phasmophobia.v0.29.6.2-0xdeadc0de\phasmophobia\phasmophobia.exe () [File not signed]
FirewallRules: [{8A5144EB-8FFF-4333-8941-3668F77413DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C22F8AF0-B71A-43AB-BAAE-728945FE6045}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2B162142-31CE-4092-A9DA-CEEE789BD51D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{83A203E9-B9FD-414C-A847-DCF94C634366}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43D0F671-F1F5-4D62-B4CA-C428887CCC95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0704CD5D-6D83-4F0F-9194-FFBDD6CB148B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{28CE21AC-2FD5-4869-B4B3-C54182F55291}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EEDA235-22DD-456E-834A-3BF396B65B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [{774DFA99-F34E-4654-B052-E6129FF4A7BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [{995CF0E5-F5B6-47C2-B406-F5F2B067AD2A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{37176976-B56A-4C7A-838F-927DF330D37F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ACD0A27E-0AE9-4FDD-93A1-51708901F6CE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{72D59E07-792D-470A-BE6F-8A235AAC6DB5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D628E9CB-4C0B-45B1-8AB4-F384E5A5FA23}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C8575C6-5DB5-41CC-85FE-51C6255C3925}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B6DE2533-19DB-49A8-8BCD-D6424DB21FBE}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0C1FA62A-E41B-4934-97A6-0199F18E0E98}] => (Allow) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{45D96E22-6811-47EC-8101-95C536AF31D5}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{7E6F32BA-1BCC-4C53-85CB-E859461E70AB}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{596BE9E4-C077-49E7-BB7B-C5F92E9181CF}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2A7056B6-335B-4A70-B747-8BA562D3901E}] => (Block) C:\Program Files (x86)\Overwolf\0.178.0.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{415ACDC0-90D0-42A8-AD94-AD66171A3528}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A73A4886-558C-482B-842B-0A7B0EBED327}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D081AE70-8E2A-469B-889B-13B897A18154}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F184E3A5-67CF-4FBF-B350-ADDC8DBC8017}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D24CF11D-D05C-466C-B53D-B0159EFBD248}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{80F52781-A998-48CA-ACE1-E874E8019534}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.5\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F29F114B-0932-4AB5-8C27-EB7E7444E4F6}] => (Allow) C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A4DFB3C0-6A35-4870-AA54-9BA4123BB758}] => (Allow) C:\Users\Petrk\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{951A86A9-73FF-48E7-86ED-6DF644E7C9DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{596BC8C6-39DC-4299-B8A8-5EC2CFB975E2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BEC37E7A-870F-4C62-8ED7-48999B404458}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6EFF9E4E-D3CD-41F5-A731-35907DB4E3D3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

24-09-2021 17:34:32 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
26-09-2021 11:08:24 Operace obnovení

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/26/2021 05:25:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program League of Legends.exe verze 11.19.398.9466 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: bf4

Čas spuštění: 01d7b2ea5717fb01

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Riot Games\League of Legends\Game\League of Legends.exe

ID hlášení: cddb9682-1ffb-498b-bc09-5e9b40a59122

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (09/26/2021 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.1202, časové razítko: 0xc9006c8b
Název chybujícího modulu: dcomp.dll, verze: 10.0.19041.1237, časové razítko: 0x556ab332
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004caf3
ID chybujícího procesu: 0x37b8
Čas spuštění chybující aplikace: 0x01d7b2c7e6d3b7a5
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\dcomp.dll
ID zprávy: f15eba08-5e87-4b9b-bb8f-c519aa45d8f8
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (09/26/2021 01:39:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program unerase.exe verze 1.2.1.2 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 28d4

Čas spuštění: 01d7b2c5a66ac009

Čas ukončení: 3

Cesta k aplikaci: C:\Program Files (x86)\Avira\Unerase\unerase.exe

ID hlášení: 324228db-f265-41f7-b99a-2ba0c2b72fa4

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 01:12:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 22.9.2021.2 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3334

Čas spuštění: 01d7b2c643a61a76

Čas ukončení: 60000

Cesta k aplikaci: C:\Users\Petrk\Downloads\FRST64.exe

ID hlášení: b24cc20e-8b2b-47b6-bd5f-d8bbbe333666

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 12:44:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NVIDIA Share.exe verze 73.3683.1933.5 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2a80

Čas spuštění: 01d7b2c2ce0f4071

Čas ukončení: 10

Cesta k aplikaci: C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe

ID hlášení: ef0d6300-ba65-4f73-8c00-70b386afd229

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/26/2021 12:44:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.21072.161.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fd0

Čas spuštění: 01d7b2c220fe7e1f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21072.161.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 85f943eb-7f04-44c5-8bc1-4389c7c4fe34

Úplný název balíčku s chybou: Microsoft.YourPhone_1.21072.161.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (09/26/2021 12:38:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vgtray.exe, verze: 1.8.2.16, časové razítko: 0x612d4c86
Název chybujícího modulu: vgtray.exe, verze: 1.8.2.16, časové razítko: 0x612d4c86
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000701c4
ID chybujícího procesu: 0x1820
Čas spuštění chybující aplikace: 0x01d7b2c22cc38801
Cesta k chybující aplikaci: C:\Program Files\Riot Vanguard\vgtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Riot Vanguard\vgtray.exe
ID zprávy: a3796fe1-16e0-499b-9c5f-abc61453bf2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/26/2021 12:31:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3640,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU00030.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (09/27/2021 08:34:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (09/27/2021 08:29:27 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.StateRepository.ApplicationExtension se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/27/2021 08:28:47 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-L4K2NGD)
Description: Služba DCOM zjistila chybu 1068 při pokusu o spuštění služby cdpsvc s argumenty Není k dispozici za účelem spuštění serveru:
{284CACFE-B6F2-461A-90C3-A7ACC8353816}

Error: (09/27/2021 08:28:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba CDPSvc závisí na službě NcbService, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (09/27/2021 08:28:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService64.exe neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/27/2021 08:27:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.

Error: (09/27/2021 08:27:16 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (2:34:47, ‎27.‎09.‎2021) bylo neočekávané.

Error: (09/27/2021 08:25:35 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.


CodeIntegrity:
===============
Date: 2021-09-27 08:44:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-27 08:34:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F20 11/11/2016
Motherboard: Gigabyte Technology Co., Ltd. H110M-S2HP-CF
Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 58%
Total physical RAM: 8144.44 MB
Available physical RAM: 3388.43 MB
Total Virtual: 17360.44 MB
Available Virtual: 11242.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.38 GB) (Free:152.81 GB) NTFS

\\?\Volume{46029b4d-50e3-4957-bc8f-c0b2a31dc2bc}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{4b280e1e-daf8-44f3-842e-2a7f1ce8ec12}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{08ab3d1f-4e35-4487-85f6-dbaed34b5da3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Zpomalený PC

Napsal: 27 zář 2021 09:29
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

ClosePeocesses:
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1748]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {0fb1a98e-aa18-11ea-92c6-1c1b0d6559d7} - "D:\Autorun.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269ad-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269cb-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {50AB32BC-E1FE-4460-BC88-0F61986923C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {AE74F09B-2930-44F1-9F4B-E0C45723A689} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zpomalený PC

Napsal: 27 zář 2021 10:01
od pitrisin
Dobře, jdu na to. Viděl jsem, že jste napsal v logu "close peocesses". Jestli je to chyba.

Re: Zpomalený PC

Napsal: 27 zář 2021 10:59
od pitrisin
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by Petrk (27-09-2021 11:43:36) Run:2
Running from C:\Users\Petrk\Desktop
Loaded Profiles: Petrk & postgres
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [1748]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {0fb1a98e-aa18-11ea-92c6-1c1b0d6559d7} - "D:\Autorun.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269ad-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\...\MountPoints2: {c7a269cb-1abf-11ec-9403-1c1b0d6559d7} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {50AB32BC-E1FE-4460-BC88-0F61986923C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Task: {AE74F09B-2930-44F1-9F4B-E0C45723A689} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-30] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp

EmptyTemp:
End

*****************

Processes closed successfully.
C:\WINDOWS\tracing => ":?" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fb1a98e-aa18-11ea-92c6-1c1b0d6559d7} => removed successfully
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a269ad-1abf-11ec-9403-1c1b0d6559d7} => removed successfully
HKU\S-1-5-21-438706691-1456983326-2169936386-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7a269cb-1abf-11ec-9403-1c1b0d6559d7} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{50AB32BC-E1FE-4460-BC88-0F61986923C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50AB32BC-E1FE-4460-BC88-0F61986923C6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE74F09B-2930-44F1-9F4B-E0C45723A689}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE74F09B-2930-44F1-9F4B-E0C45723A689}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14931146 B
Java, Flash, Steam htmlcache => 764672640 B
Windows/system/drivers => 5940933 B
Edge => 0 B
Chrome => 500370810 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 119110 B
NetworkService => 124748 B
Petrk => 111702470 B
postgres => 111702470 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-09-2021 11:53:13)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 11:53:43 ====

Re: Zpomalený PC

Napsal: 27 zář 2021 12:39
od Rudy
Smazáno. Nastala změna k lepšímu?

Re: Zpomalený PC

Napsal: 27 zář 2021 12:50
od pitrisin
No trošku. Není to jak to bylo předtím svižný.

Re: Zpomalený PC

Napsal: 27 zář 2021 13:48
od Rudy
Zkuste ještě defragmentovat disk.
Všechny časy jsou v UTC+01:00
Stránka 1 z 6

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz