Spomalený notebook.

[peco]

Poprosím o kontrolu. Notebook je pomalý. Firefox a Opera reagujú veľmi pomaly.
FRST mi po spustení vždy spadlo, tak som ho spustil v SAFE móde. Ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by ibaka (administrator) on IBAKA-NTB (ASUSTeK Computer Inc. X58LE) (01-09-2023 12:51:02)
Running from E:\\FRST64.exe
Loaded Profiles: ibaka
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser not detected!
Boot Mode: Safe Mode (minimal)

========================================================

C:\FRST\FRST64.exe => moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [256408 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\Run: [Opera Next] => C:\Users\ibaka\AppData\Local\Programs\Opera beta\launcher.exe [2892744 2023-02-02] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {3c442ea9-2fd4-11ec-913b-00248ccdf8bd} - E:\Setup.exe
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {a30d4831-1fbc-11e9-af0f-00248ccdf8bd} - E:\Setup.exe
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {b22b942f-623c-11eb-9407-00248ccdf8bd} - E:\WifiAutoInstallSetup.exe
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {dda102f0-588e-11eb-a004-00248ccdf8bd} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {dda1035f-588e-11eb-a004-00248ccdf8bd} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\MountPoints2: {dda103ca-588e-11eb-a004-00248ccdf8bd} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3039921316-1115577554-865659492-1004\...\Run: [Viber] => C:\Users\PTR\AppData\Local\Viber\Viber.exe [49626384 2022-03-16] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2018-11-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\ibaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dokumenty - odkaz [2020-02-13]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4767650A-2F51-4A6E-8593-CD9AB90A0BB4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4947352 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
Task: {0A64E663-CF2E-4E53-A192-67F00A618A7D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {C412209D-F691-40CA-AA0E-BEE7F0A0058D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {671E6891-8AA8-4C46-AFA0-49321E36C111} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "error" --version "6.15.10623" --silent
Task: {3E223731-5CE1-4345-B8F0-9EF0E7597E78} - System32\Tasks\CCleanerSkipUAC - ibaka => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {746F6EBA-33D4-49FD-9171-D861A11DAEBE} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {21FA0D91-C61C-4E62-9208-6CB4FE03AFEF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D8A4959-1A3C-4DA8-8AEC-C19A88C711AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAF18CEC-CA03-4831-AF9E-7BB0F7286FFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8012119-16D0-4EDF-977E-34E51E60D5A7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-09-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A4CC3274-95D2-41F6-9948-79DD527A1086} - System32\Tasks\Opera scheduled assistant Autoupdate 1584073827 => C:\Users\ibaka\AppData\Local\Programs\Opera beta\launcher.exe [2892744 2023-02-02] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\ibaka\AppData\Local\Programs\Opera beta\assistant" $(Arg0)
Task: {DAB30CB8-33B9-4466-A982-4CE58C94DBF4} - System32\Tasks\Opera scheduled Autoupdate 1542296459 => C:\Users\ibaka\AppData\Local\Programs\Opera beta\launcher.exe [2892744 2023-02-02] (Opera Norway AS -> Opera Software) <==== ATTENTION
Task: {8447479A-9EC6-42A6-9513-D4849DB70094} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {78E54115-27D3-4E62-8F52-B369BD798EF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.12 0.0.0.0
Tcpip\..\Interfaces\{031BEE26-241F-44A0-8A20-83F1AC27326B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6BC606FB-F931-4DAE-8FDB-443D8B37CB90}: [DhcpNameServer] 192.168.2.12 0.0.0.0
Tcpip\..\Interfaces\{DB9ED499-CAA4-42CB-AFA5-9C044728F598}: [DhcpNameServer] 192.168.2.12 0.0.0.0
Tcpip\..\Interfaces\{EDDCBC00-A6B7-49D0-8D5F-9D1A5985B43F}: [DhcpNameServer] 192.168.2.12 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ibaka\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-01]

FireFox:
========
FF DefaultProfile: 2lwfjws2.default
FF ProfilePath: C:\Users\ibaka\AppData\Roaming\Mozilla\Firefox\Profiles\2lwfjws2.default [2023-09-01]
FF Homepage: Mozilla\Firefox\Profiles\2lwfjws2.default -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\2lwfjws2.default -> hxxps://www.reddit.com
FF Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\ibaka\AppData\Roaming\Mozilla\Firefox\Profiles\2lwfjws2.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-12]
FF Extension: (Nepi Jano!) - C:\Users\ibaka\AppData\Roaming\Mozilla\Firefox\Profiles\2lwfjws2.default\Extensions\{efca0a1f-71f3-485a-8df9-322da85b676e}.xpi [2019-02-02]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3039921316-1115577554-865659492-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-05-27] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\ibaka\AppData\Local\Google\Chrome\User Data\Default [2023-09-01]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ibaka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-22]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3039921316-1115577554-865659492-1000) Operabeta - "C:\Users\ibaka\AppData\Local\Programs\Opera beta\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8904088 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [587672 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [588184 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
S2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S2 WifiAutoInstallSrv; C:\Program Files\Realtek\WifiAutoInstall\WifiAutoInstallSrv.exe [124864 2017-07-31] (Realtek Semiconductor Corp. -> Realtek)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238496 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392880 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [272576 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559184 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [946160 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [705480 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212680 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319568 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [31576 2020-04-24] (DEV47 APPS -> Dev47Apps)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [79872 2014-09-09] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
S3 iriuna0; C:\Windows\System32\drivers\iriuna0.sys [37744 2021-04-06] (Iriun Oy -> Windows (R) Win 7 DDK provider)
S3 iriunv0; C:\Windows\System32\unknown\iriunv0.sys [30064 2021-07-19] (Iriun Oy -> Windows (R) Win 7 DDK provider)
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmpx64.sys [67584 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\Windows\System32\DRIVERS\rimspx64.sys [55296 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [9302008 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2017-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37600 2017-08-23] (OMT-LIDER, TOV -> Windows (R) Win 7 DDK provider)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-01 12:39 - 2023-09-01 12:46 - 000000000 ____D C:\Program Files\trend micro
2023-09-01 12:38 - 2023-09-01 12:46 - 000000000 ____D C:\RSIT
2023-09-01 12:36 - 2023-09-01 12:51 - 000000000 ____D C:\FRST
2023-09-01 12:33 - 2023-09-01 12:33 - 002382336 _____ (Farbar) C:\Users\ibaka\Downloads\FRST64.exe
2023-09-01 10:41 - 2023-09-01 10:42 - 000001594 _____ C:\Windows\VPNUnInstall.MIF
2023-09-01 10:36 - 2023-09-01 10:36 - 000000000 ____D C:\Users\ibaka\AppData\Local\CrashDumps
2023-09-01 10:21 - 2023-09-01 12:50 - 000504256 _____ C:\Windows\ntbtlog.txt
2023-09-01 09:47 - 2023-09-01 09:47 - 000000000 ____D C:\Users\ibaka\AppData\Local\mbam
2023-09-01 09:43 - 2023-09-01 09:44 - 008791352 _____ (Malwarebytes) C:\Users\ibaka\Downloads\adwcleaner_8.4.0.exe
2023-09-01 09:43 - 2023-09-01 09:43 - 002606880 _____ (Malwarebytes) C:\Users\ibaka\Downloads\MBSetup.exe
2023-09-01 09:17 - 2023-09-01 09:17 - 000109024 _____ C:\Users\ibaka\Documents\cc_20230901_091715.reg
2023-09-01 09:17 - 2023-09-01 09:17 - 000005910 _____ C:\Users\ibaka\Documents\cc_20230901_091747.reg
2023-09-01 09:05 - 2023-09-01 12:23 - 000000000 ____D C:\Program Files\CCleaner
2023-09-01 09:05 - 2023-09-01 10:30 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-01 09:05 - 2023-09-01 09:05 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-01 09:05 - 2023-09-01 09:05 - 000003292 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-01 09:05 - 2023-09-01 09:05 - 000002810 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - ibaka
2023-09-01 09:05 - 2023-09-01 09:05 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-09-01 09:05 - 2023-09-01 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-09-01 09:04 - 2023-09-01 10:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-01 09:04 - 2023-09-01 09:05 - 056720648 _____ (Piriform Software Ltd) C:\Users\ibaka\Downloads\ccsetup615.exe
2023-09-01 08:15 - 2023-09-01 08:15 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-08-30 20:02 - 2023-08-30 20:02 - 000000000 ___HD C:\$Windows.~WS
2023-08-12 08:26 - 2023-08-12 08:28 - 738551531 _____ C:\Users\ibaka\Downloads\Edda 1. 2. 3. (1980 - 1983) [FLAC].rar _ Ul.rar _ Ul.rar _ Ul
2023-08-12 08:23 - 2023-08-12 08:24 - 229835606 _____ C:\Users\ibaka\Downloads\Edda Művek - (1981) - 2 • [FLAC].zip _ Ul.zip _ Ul.zip _ Ul
2023-08-12 08:23 - 2023-08-12 08:23 - 245780587 _____ C:\Users\ibaka\Downloads\Edda Művek - (1980) - 1 • [FLAC].zip _ Ul.zip _ Ul.zip _ Ul
2023-08-12 07:56 - 2023-08-12 07:56 - 186183186 _____ C:\Users\ibaka\Downloads\Metallica - 2023 - 72 Seasons [320kbps].zip _ Ul.zip _ Ul.zip _ Ul
2023-08-12 07:54 - 2023-08-12 07:54 - 187135780 _____ C:\Users\ibaka\Downloads\10 Metallica - Hardwired... To Self-Destruct (Remastered).rar _ Ul.rar _ Ul.rar _ Ul

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-01 12:49 - 2019-06-28 20:22 - 000000000 ____D C:\ProgramData\AVAST Software
2023-09-01 11:53 - 2009-07-14 06:45 - 000029472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-09-01 11:53 - 2009-07-14 06:45 - 000029472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-09-01 11:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-01 10:36 - 2021-10-28 16:33 - 000000000 ____D C:\temp
2023-09-01 10:22 - 2009-07-14 06:45 - 000467312 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-01 10:21 - 2020-04-13 07:43 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\Zoom
2023-09-01 10:21 - 2018-11-15 17:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-01 10:09 - 2021-11-01 09:20 - 000000000 ____D C:\Program Files\Recuva
2023-09-01 10:07 - 2023-03-05 18:22 - 000000000 ____D C:\AdwCleaner
2023-09-01 10:04 - 2018-12-28 19:03 - 000000000 ____D C:\Program Files\Tracker Software
2023-09-01 09:42 - 2022-02-08 21:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-01 09:30 - 2009-07-14 07:13 - 000006374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-01 09:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-09-01 09:21 - 2018-11-15 21:54 - 000112248 _____ C:\Users\ibaka\AppData\Local\GDIPFONTCACHEV1.DAT
2023-09-01 09:15 - 2020-12-15 22:31 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\Media Player Classic
2023-09-01 09:15 - 2019-10-30 10:08 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\TeamViewer
2023-09-01 09:15 - 2019-10-30 10:08 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-09-01 09:15 - 2019-07-22 20:53 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\MPC-HC
2023-09-01 09:15 - 2018-11-16 13:22 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\XnView
2023-09-01 09:14 - 2019-08-16 06:00 - 000000000 ____D C:\Windows\Minidump
2023-09-01 09:14 - 2018-11-15 11:49 - 000000000 ____D C:\Windows\Panther
2023-09-01 09:03 - 2023-06-17 15:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-01 08:57 - 2021-01-16 14:48 - 000000000 ____D C:\Users\ibaka\AppData\Local\JDownloader 2.0
2023-09-01 08:45 - 2021-04-17 18:05 - 000000000 ____D C:\Program Files\MI
2023-09-01 08:43 - 2022-09-27 15:25 - 000000000 ____D C:\Users\ibaka\AppData\Local\Deployment
2023-09-01 08:40 - 2021-05-26 06:28 - 000000000 ____D C:\Users\ibaka\AppData\Local\Avast Software
2023-09-01 08:15 - 2020-10-14 05:47 - 000272576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-09-01 08:15 - 2020-04-14 20:18 - 000559184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000705480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000319568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000297880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-09-01 08:15 - 2019-06-28 20:26 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-01 08:14 - 2019-06-28 20:26 - 000946160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-01 08:14 - 2019-06-28 20:26 - 000392880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-09-01 08:14 - 2019-06-28 20:26 - 000238496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-09-01 08:14 - 2019-06-28 20:26 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-08-27 19:21 - 2021-01-09 15:20 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\audacity
2023-08-22 16:22 - 2018-11-26 19:37 - 000000000 ____D C:\Users\ibaka\AppData\Roaming\Microsoft\Word
2023-08-12 09:03 - 2018-11-22 19:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-08-12 08:59 - 2018-11-15 12:22 - 000000000 ____D C:\Windows\system32\MRT
2023-08-12 08:51 - 2018-11-15 12:22 - 175983240 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-08-12 08:50 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini

==================== Files in the root of some directories ========

2019-03-06 10:45 - 2022-11-21 20:07 - 000000006 _____ () C:\Users\ibaka\AppData\Roaming\.nfe_lock
2019-01-22 19:56 - 2022-10-31 12:04 - 000000600 _____ () C:\Users\ibaka\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-09-01 12:15
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by ibaka (01-09-2023 12:52:08)
Running from E:\
Microsoft Windows 7 Professional Service Pack 1 (X64) (2018-11-15 09:54:44)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3039921316-1115577554-865659492-500 - Administrator - Disabled)
Guest (S-1-5-21-3039921316-1115577554-865659492-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3039921316-1115577554-865659492-1002 - Limited - Enabled)
ibaka (S-1-5-21-3039921316-1115577554-865659492-1000 - Administrator - Enabled) => C:\Users\ibaka
PTR (S-1-5-21-3039921316-1115577554-865659492-1004 - Limited - Enabled) => C:\Users\PTR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.625 - ABBYY Production LLC)
Advanced IP Scanner 2.5 (HKLM-x32\...\{E35BC1CF-235D-4995-A816-59D3615C3B9A}) (Version: 2.5.3850 - Famatech)
AIMP (HKLM-x32\...\AIMP) (Version: v5.00.2344, 09.11.2021 - AIMP DevTeam)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.8.6078 - Avast Software)
calibre 64bit (HKLM\...\{9C42268E-4541-43F5-9D88-D9D12DB39EBC}) (Version: 4.8.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 6.15 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Exact Audio Copy 1.6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.6 - Andre Wiethoff)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
HHD Software Free Hex Editor Neo 6.44 (HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.44.01.6234 - HHD Software, Ltd.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
MediaInfo 19.09 (HKLM\...\MediaInfo) (Version: 19.09 - MediaArea.net)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Access MUI (Slovak) 2013 (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Slovak) 2013 (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.115 - Microsoft Corporation)
Microsoft Excel MUI (Slovak) 2013 (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Slovak) 2013 (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Slovak) 2013 (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Slovak) 2013 (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Nyelvi ellenőrző eszközök 2013 – magyar (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Slovak) 2013 (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Slovak) 2013 (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2013 (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Slovak) 2013 (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2013 (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Slovak) 2013 (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Slovak) 2013 (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Slovak) 2013 (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Slovak) 2013 (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28808 (HKLM-x32\...\{78079cc3-1f6e-47f6-b4d6-105f08b89409}) (Version: 14.26.28808.1 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28808 (HKLM\...\{31B12D0C-C856-4B64-A4FE-7E4C2F5BF8E4}) (Version: 14.26.28808 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28808 (HKLM\...\{EB5BE2A4-FB21-421C-9FA0-F7D7591B1B1F}) (Version: 14.26.28808 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word MUI (Slovak) 2013 (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Minecraft (HKLM-x32\...\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}) (Version: 1.0.4.0 - Mojang)
Mozilla Firefox ESR (x64 sk) (HKLM\...\Mozilla Firefox 115.2.0 ESR (x64 sk)) (Version: 115.2.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla)
Mp3tag v3.18 (HKLM-x32\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MPC-HC 1.8.6.3 (69ddf2553-dirty) Nightly (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.8.6.3 - MPC-HC Team)
MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
Opera beta 95.0.4635.28 (HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\Opera 95.0.4635.28) (Version: 95.0.4635.28 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.0 - Tracker Software Products Ltd)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
RAK - 1.22 (HKLM-x32\...\RAK_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0015 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)
RICOH R5U8xx Media Driver ver.3.62.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH)
Scan Tailor (HKLM-x32\...\Scan Tailor) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1E8252A7-D489-4BB6-9694-93799FFD33ED}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040E-1000-0000000FF1CE}_Office15.PROPLUS_{0BEA5B9F-ECCB-466F-8AD4-66A0DAD86A56}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}_Office15.PROPLUS_{4601BD00-BC9B-4CA2-940C-2552782C7347}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-041B-1000-0000000FF1CE}_Office15.PROPLUS_{B0E9B602-008E-43F0-8485-08C53F76926B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-041B-1000-0000000FF1CE}_Office15.PROPLUS_{462FD7CD-0F6D-41ED-929F-0AEC8F146E90}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-041B-1000-0000000FF1CE}_Office15.PROPLUS_{6A703F65-EF3F-45FA-B14F-B74DE1A03B93}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUS_{E8986B3F-3E21-4638-91F1-CF5C516A2F8C}) (Version: - Microsoft) Hidden
Sigil 1.7.0 (HKLM\...\Sigil_is1) (Version: - Sigil-Ebook)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Skype verzia 8.77 (HKLM-x32\...\Skype_is1) (Version: 8.77 - Skype Technologies S.A.)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
USB Disk Storage Format Tool 6.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
Viber (HKLM-x32\...\{A18FA8E1-CAF5-4D58-BA09-181A857DEBF5}) (Version: 17.2.0.6 - Viber Media S.a.r.l) Hidden
Viber (HKLM-x32\...\{E5AA947D-110B-492B-A71B-DA111290BA87}) (Version: 9.9.6.53 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3039921316-1115577554-865659492-1000\...\{c00b42e6-072e-4993-bd15-e6fd61f4ce4f}) (Version: 9.9.6.53 - Viber Media Inc.)
Viber (HKU\S-1-5-21-3039921316-1115577554-865659492-1004\...\{a9e33949-d412-4817-912f-0955a883fb69}) (Version: 17.2.0.6 - 2010-2022 Viber Media S.a.r.l)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WifiAutoInstall version 2.0.0.8 (HKLM\...\{BBADB2D6-0408-42D0-AAF8-B79D3E8B994C}_is1) (Version: 2.0.0.8 - Realtek, Inc.)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
Windows Driver Package - Hewlett-Packard Image (07/18/2013 14.5.0.0) (HKLM\...\F3D3E4E684490F352AF1C95BA61D8B190155CAA0) (Version: 07/18/2013 14.5.0.0 - Hewlett-Packard)
XnView 2.46 (HKLM-x32\...\XnView_is1) (Version: 2.46 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{182FB546-8596-4CEF-9CB5-E9505BF7F628}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd. -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{6DB27B2E-87AC-4354-927A-AD711A0ED77E}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{A244CEC5-DB63-4ED9-B0D7-A0527C064113}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{AE1514A4-5D7D-4D1B-BC7F-320E6962B0DD}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{B845012A-F05A-4EC8-816D-B033183B9CA5}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd. -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{F101EB1B-09D9-34E0-6BF9-AE5640728C7C}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3039921316-1115577554-865659492-1000_Classes\CLSID\{F350F7C1-9F0E-4A97-8EEC-E690C7095BEF}\InprocServer32 -> C:\Users\ibaka\AppData\Local\HHD Software\Free Hex Editor Neo\PatchAPI\dll\x64\hexpatch64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-16] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-12-04] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-16] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-11-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-11-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1_S-1-5-21-3039921316-1115577554-865659492-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-11-17 11:05 - 2014-11-02 20:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2022-06-15 18:00 - 2022-06-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\f:txt [2907]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3039921316-1115577554-865659492-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ibaka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3039921316-1115577554-865659492-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\PTR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ibaka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do programu OneNote.lnk => C:\Windows\pss\Odoslanie do programu OneNote.lnk.Startup
MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: Opera Next => C:\Users\ibaka\AppData\Local\Programs\Opera beta\launcher.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Viber => "C:\Users\ibaka\AppData\Local\Viber\Viber.exe" StartMinimized

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{49F28994-0BDD-4312-897D-833814C7E82E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80D9DA66-9E82-4E30-8B31-548FCE3D94BE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4A85EA5C-7F48-4DA4-99F4-B253BA759FD7}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{B92AD813-93E5-4A07-9958-63A4966F1FBF}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{7CEE6144-6115-405C-B44B-0D465EE784DB}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{A65B5E9C-BDF2-4033-98E7-05CDD68B6426}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{731A87EE-1D0D-4221-AFA9-528C361A4B8B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1AD4384A-7144-4667-BA91-937EAC061723}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80668A69-638F-4C2C-839B-92A344E76047}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE03C3FB-54C5-497A-A1E5-329BE58BD23B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B31CD280-E052-4B91-9AC6-7E64FDA7C734}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{951FC210-981B-4EBA-A2FF-0C444BEB7B1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8324A7CE-ED4A-4A69-8E87-FC6CB2383D2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB53A6CF-8247-45BF-9C18-D253EAEFF5F0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{875D9766-919E-4F1E-A566-F1483A18B37A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7986AF5A-CF4C-482D-8A40-E0AA171D081C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4739B67E-E6AF-42A1-92F5-46CF9C970385}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B77C424F-1B53-4AE0-B6F7-B1D17E0A9F9C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{59D1A5AD-68BC-400E-B81C-A8A340F06248}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91B31C68-5D44-4B58-B16D-4912E27A7A47}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{733002E7-0967-42E1-B0B9-671C9F3EBA68}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\FineReader.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{C001CBBD-ACD1-4CB0-A837-70BEBDA838F2}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe (ABBYY Production LLC -> ABBYY Production LLC)
FirewallRules: [{FE3DAC36-EF4D-41DE-B7C2-FE9517F3D8A4}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\Registrator.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{BEF5E9B5-DB7B-4C3E-BC87-6C37CF6EBC68}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\UpdateInstaller.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{4D7F1D4A-7AEC-46F7-956A-1A0514DBBC39}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\TrigrammsInstaller.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{32F808AA-18A7-4868-8923-DFFBF6506C20}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\FineReader.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{FFA56227-26E8-4B56-BFEB-79F1B378FAD3}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe (ABBYY Production LLC -> ABBYY Production LLC)
FirewallRules: [{C997C018-9B98-48C3-A2B9-A22727190341}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\TrigrammsInstaller.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{EFB9B01A-755C-47D0-AD40-6DF7B8E63CA4}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\UpdateInstaller.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{96721AC5-95D1-4600-97C7-3F43CE7A0158}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\Registrator.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{5E7F4B7E-072B-4EC9-8E22-048D83A04647}] => (Block) C:\Program Files (x86)\ABBYY FineReader 12\UpdateInstaller.exe (ABBYY Production LLC -> ABBYY Production LLC.)
FirewallRules: [{63C9D23C-B62D-4D8B-9EE7-3D460F58F1C8}] => (Allow) C:\Users\ibaka\AppData\Local\Programs\Opera beta\96.0.4693.12\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{A2E24D74-DD24-49F3-95C2-063C0F12955C}] => (Allow) C:\Users\ibaka\AppData\Local\Programs\Opera beta\95.0.4635.28_0\opera.exe (Opera Norway AS -> Opera Software)

==================== Restore Points =========================

02-08-2023 17:13:46 Plánovaný kontrolný bod
12-08-2023 08:47:39 Windows Update
27-08-2023 18:49:03 Plánovaný kontrolný bod
01-09-2023 08:46:51 Removed SD Card Formatter.
01-09-2023 10:40:26 Removed Cisco Systems VPN Client 5.0.07.0440

==================== Faulty Device Manager Devices ============

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Atheros AR928X Wireless Network Adapter
Description: Atheros AR928X Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/01/2023 12:52:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/01/2023 12:52:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/01/2023 12:52:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/01/2023 10:43:06 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: ibaka-ntb)
Description: Application or service 'Cisco Systems, Inc. VPN Service' could not be restarted.

Error: (09/01/2023 10:36:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: malwarebytes_assistant.exe, verzia: 4.0.0.1647, časová značka: 0x64df853d
Názov chybového modulu: ucrtbase.DLL, verzia: 10.0.17763.132, časová značka: 0x309241e0
Kód výnimky: 0x40000015
Odstup chyby: 0x000000000006f09f
Identifikácia chybného procesu: 0x154c
Čas spustenia chybnej aplikácie: 0x01d9dcaf6b600d0a
Cesta chybnej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Cesta chybného modulu: C:\Program Files\Malwarebytes\Anti-Malware\ucrtbase.DLL
Identifikácia hlásenia: b19b93c7-48a2-11ee-9155-00248ccdf8bd

Error: (09/01/2023 10:36:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: malwarebytes_assistant.exe, verzia: 4.0.0.1647, časová značka: 0x64df853d
Názov chybového modulu: ucrtbase.DLL, verzia: 10.0.17763.132, časová značka: 0x309241e0
Kód výnimky: 0x40000015
Odstup chyby: 0x000000000006f09f
Identifikácia chybného procesu: 0x19a0
Čas spustenia chybnej aplikácie: 0x01d9dcaf6d41ece2
Cesta chybnej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
Cesta chybného modulu: C:\Program Files\Malwarebytes\Anti-Malware\ucrtbase.DLL
Identifikácia hlásenia: b1542a7e-48a2-11ee-9155-00248ccdf8bd

Error: (09/01/2023 09:30:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/01/2023 09:30:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}

Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{6D18AD12-BDE3-4393-B311-099C346E6DF9}

Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}

Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{659CDEA7-489E-11D9-A9CD-000D56965251}

Error: (09/01/2023 12:52:33 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server:
{BB6DF56B-CACE-11DC-9992-0019B93A3A84}

Error: (09/01/2023 12:51:20 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (09/01/2023 12:50:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby Network Location Awareness, od ktorej závisí služba Network List Service, zlyhalo kvôli nasledujúcej chybe:
Závislú službu alebo skupinu sa nepodarilo spustiť.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 202 02/25/2009
Motherboard: ASUSTeK Computer Inc. X58LE
Processor: Intel(R) Core(TM)2 Duo CPU T5850 @ 2.16GHz
Percentage of memory in use: 54%
Total physical RAM: 3063.24 MB
Available physical RAM: 1395.21 MB
Total Virtual: 6124.63 MB
Available Virtual: 4508.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.77 GB) (Free:396.24 GB) (Model: Apacer AS350 1TB ATA Device) NTFS
Drive e: (RED) (Removable) (Total:31.99 GB) (Free:31.99 GB) FAT32

\\?\Volume{d5f69723-e8bb-11e8-b151-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: EE14EA8D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 117.2 GB) (Disk ID: 56AF106E)
Partition 1: (Active) - (Size=32 GB) - (Type=FAT32)

==================== End of Addition.txt =======================

[JaRon]

Processor: Intel(R) Core(TM)2 Duo CPU T5850 @ 2.16GHz
Percentage of memory in use: 54%
Total physical RAM: 3063.24 MB
Od tohto HW nemozes vela ocakavat
Mozes rozsirit RAM, skontrolovat ovladace - ziadne otazniky a vykricniky

[peco]

Ovládače sú OK. RAM max 3GB podľa dosky.

[JaRon]

Tak to asi uz len na dozitie …
Skontroluj velkost adresara plocha - doporucujem max. 500MB
Vycisti registre s Ccleanerom
Odinstaluj MBAM prip. skusobne aj Avast + vsetko nepotrebne
Ale slaby procesor, malo pamate - zazraky necakaj

[peco]

Všetko sú to pekné rady.
Registre som prečistil aj rezíduá po iných aplikáciách.
Ten NtB donedávna behal svižne. Dal som doň začiatkom roka SSD a svižnosť bola evidentná. Výkon na náročnejšie aplikáci nemá, ale na intrenet a office má. Lenže asi dva-tri posledné mesiace je spomalený. Po štarte sa mi spúšťa Opera aj keď som ju vždy zo startupu vyhodil. Na bežnú prácu je to dobrý NtB. Asi urobím reinštaláciu windows. Ja tým logom nerozumiem, preto žiadam o kontrolu tu. Na jar som žiadal o kontrolu ešte staršieho desktopu a nebol problém. Ale vďaka.

PS: Spúšťanie Opery som vypol v jej nastaveniach.

[JaRon]

OK