Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2022 01
Ran by Bludky (10-01-2022 20:27:21)
Running from C:\Users\42072\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1415 (X64) (2020-12-03 21:13:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3456692171-1342812710-3318875897-500 - Administrator - Disabled)
Bludky (S-1-5-21-3456692171-1342812710-3318875897-1001 - Administrator - Enabled) => C:\Users\42072
DefaultAccount (S-1-5-21-3456692171-1342812710-3318875897-503 - Limited - Disabled)
Guest (S-1-5-21-3456692171-1342812710-3318875897-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3456692171-1342812710-3318875897-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 96.1.13589.111 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.14.5878.3406 - Avast Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
EA Desktop (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.100.4941 - Electronic Arts) Hidden
EA Desktop (HKLM-x32\...\{9d365a2c-801c-4d99-a902-f17f2dc03510}) (Version: 12.0.100.4941 - Electronic Arts)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Ekura (HKLM-x32\...\Sindicate Ekura) (Version: 12.159.10674 - Sindicate)
GIMP 2.10.18 (HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14701.20262 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 81.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.2 (x64 cs)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Seasons) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Showtime (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Studentský život (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 University Life) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Island Paradise) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.659 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\WhatsApp) (Version: 2.2029.4 - WhatsApp)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.12.41.0_x86__kgqvnymyfvs32 [2021-12-08] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.71.3.0_x86__kgqvnymyfvs32 [2021-12-27] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-27] (Microsoft Corporation)
Hotspot Shield Free VPN -> C:\Program Files\WindowsApps\6F71D7A7.HotspotShieldFreeVPN_2.10.5.0_x64__nsbqstbb9qxb6 [2021-09-25] (Pango Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-11-28] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12030.0_x64__8wekyb3d8bbwe [2021-12-12] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.203.0_x64__8wekyb3d8bbwe [2021-12-12] (Microsoft Studios)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0 [2022-01-08] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3456692171-1342812710-3318875897-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42072\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-30] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\42072\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2011-11-10 14:22 - 2011-11-10 14:22 - 000083456 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssa3d.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000070656 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssds3d.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000093696 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssdsp.flt
2011-11-10 14:22 - 2011-11-10 14:22 - 000080896 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssdx7.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000103424 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\msseax.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000125952 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssmp3.asi
2011-11-10 14:22 - 2011-11-10 14:22 - 000354816 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssrsx.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000067072 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\msssoft.m3d
2011-11-10 14:22 - 2011-11-10 14:22 - 000197120 _____ () [File not signed] C:\Program Files (x86)\Ekura\miles\mssvoice.asi
2015-08-22 19:22 - 2015-08-22 19:22 - 000349696 _____ () [File not signed] C:\Program Files (x86)\Ekura\mss32.dll
2015-08-22 19:22 - 2015-08-22 19:22 - 001806336 _____ () [File not signed] C:\Program Files (x86)\Ekura\SpeedTreeRT.dll
2015-08-22 19:22 - 2015-08-22 19:22 - 000269312 _____ (Abysmal Software) [File not signed] C:\Program Files (x86)\Ekura\DevIL.dll
2020-03-16 11:52 - 2020-03-16 11:52 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-12-27] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-12-27] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\...\sharepoint.com -> hxxps://mailssosfm-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-12-27 16:16 - 2022-01-03 04:11 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3456692171-1342812710-3318875897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
SecureLine TAP: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A48BB67C-293B-4D3A-A524-F07B2123DA02}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BBA25181-5AB9-41BB-A64F-4E0B64731F9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{878BA7F5-0A03-4C21-B48B-53A384532269}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{109B0D27-7FEE-432D-B807-D5684559545E}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [{741CB77B-2BA9-435D-BF1C-C7F56C466861}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80D53345-2891-4FA8-80B8-9F3D2DAF6FFA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0A2445D9-35E2-49BE-9C1F-74BED7C970C7}C:\users\42072\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42072\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{237184B1-C412-4000-9873-18D362921608}C:\users\42072\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42072\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{550CCD36-6FC3-48D0-A3FD-C69FF9A404C7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{86B6100F-61C4-4BDB-9940-94C8C5BC62C8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D2366C1F-8A34-40C1-8465-CDC560522AB8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B8AB1BFB-3956-415C-88F3-8C7489BB5947}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ADD0A723-02D2-4650-AB39-6B640624DBDC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{099CCAD6-FB3A-4B88-ABF1-D4488968583D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E1D1C64-5C47-422C-85C8-E6A54A164156}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{807AFCD7-07A5-4086-AF9B-856D6C91A447}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39F9DD3E-5DD3-479F-8C8C-8440054B376B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44C874B0-9116-407A-821E-51CFDA990379}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{125DB37D-760A-450E-BA42-3DE411C6538F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{84F2CE23-78A0-43B8-943D-6E6F7F222A4E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0AFBEF05-1255-4DCC-A00E-BD71B97D8561}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92618697-56C0-418C-89CC-64A02877591F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1BCACC4F-44B1-401F-9094-BF1AB49B2090}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8255EB72-8EFA-48FB-8F72-E57E18E2467E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1AD3BF3E-01F4-4705-9CB8-EFC9F75ED855}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA145AC0-134D-4AF3-9464-0548B49F3B14}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE32CC5C-3485-4986-A2C3-B0B7F0B4EB63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{931727DC-20A6-4376-BC20-91BF65D3BC60}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85A1AAA5-069F-4D6A-86EC-3A0C191591E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4284F311-BC16-47D5-8FE8-69CEF21F0366}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F9614F6-6D96-486D-929A-AA1A76E8198C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{46B496B8-3F15-4CA6-9585-A087C6D5289F}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33FDC4F8-FFD7-4DEE-90F3-51BCFC4E7896}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{99992C26-38BE-428A-9568-6C8B0F18F374}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4E9AF488-1C6E-467A-97D5-89DFA880D318}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B31B6FC8-7EAC-4ED7-ADE6-8264382FDE8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E848CF1E-3EB9-4493-89AA-05847B9D43C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FEE7B61-3C8A-4BA0-BE94-0F409D712EF7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5BDD1C1A-0F34-4657-BB0C-37F084BD4176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14431C19-E373-4DC4-A466-5D50EFC64662}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63A8AC5C-F990-4D36-8737-D6CE84FD401A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3F7D77C4-597D-4B8B-8F7A-85FD7FD3E192}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

08-12-2021 16:48:29 Naplánovaný kontrolní bod
28-12-2021 09:04:42 Naplánovaný kontrolní bod
29-12-2021 17:01:31 Instalační služba modulů systému Windows
29-12-2021 17:10:53 Instalační služba modulů systému Windows
06-01-2022 11:06:11 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/10/2022 02:06:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1415 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 17a4

Čas spuštění: 01d8054967892043

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: c471b24f-61aa-4487-8770-83fb6c613d40

Úplný název balíčku s chybou: 

ID aplikace relativní podle balíčku s chybou: 

Typ zablokování: Unknown

Error: (01/09/2022 12:10:31 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (4124,G,0) Pokus o otevření souboru C:\Users\42072\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/09/2022 11:40:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Origin.exe, verze: 10.5.101.48500, časové razítko: 0x60d25674
Název chybujícího modulu: msxml3.dll_unloaded, verze: 8.110.19041.844, časové razítko: 0x831bff0e
Kód výjimky: 0xc0000005
Posun chyby: 0x000c50a4
ID chybujícího procesu: 0x2f88
Čas spuštění chybující aplikace: 0x01d805453d48f526
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\Origin.exe
Cesta k chybujícímu modulu: msxml3.dll
ID zprávy: f518a4d7-7379-4e00-a2fd-0bd2b6c3dfb6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/09/2022 11:40:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Origin.exe, verze: 10.5.101.48500, časové razítko: 0x60d25674
Název chybujícího modulu: MSVCR120.dll_unloaded, verze: 12.0.21005.1, časové razítko: 0x524f7ce6
Kód výjimky: 0xc00001a5
Posun chyby: 0x0001a0d5
ID chybujícího procesu: 0x2f88
Čas spuštění chybující aplikace: 0x01d805453d48f526
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\Origin.exe
Cesta k chybujícímu modulu: MSVCR120.dll
ID zprávy: e89f4ff1-be34-4c36-89e8-489f8f78936c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2022 02:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Origin.exe, verze: 10.5.101.48500, časové razítko: 0x60d25674
Název chybujícího modulu: libcurl.dll, verze: 7.59.0.0, časové razítko: 0x5ab4389f
Kód výjimky: 0xc0000409
Posun chyby: 0x000520ac
ID chybujícího procesu: 0x2d74
Čas spuštění chybující aplikace: 0x01d80490059eda48
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\Origin.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\libcurl.dll
ID zprávy: 8dfa2b55-a85d-4af4-ab8c-f2b939115ef7
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/04/2022 12:47:30 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (01/04/2022 12:47:30 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/03/2022 04:13:35 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={9CAB0EDA-FF9A-0003-4B14-B09C9AFFD701}: The user DESKTOP-104HI1H\Bludky dialed a connection named rakytnik which has failed. The error code returned on failure is 868.


System errors:
=============
Error: (01/10/2022 08:41:30 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/09/2022 12:14:54 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-104HI1H)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě: 
2147942767
při provádění příkazu: 
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/09/2022 12:10:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/09/2022 12:10:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (45000 ms).

Error: (01/09/2022 12:10:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Tools bylo dosaženo časového limitu (30000 ms).

Error: (01/09/2022 12:10:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EABackgroundService neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/09/2022 12:10:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby EABackgroundService bylo dosaženo časového limitu (45000 ms).

Error: (01/09/2022 12:09:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luminati_net_updater_win_hola_org neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===============
Date: 2022-01-10 14:06:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-01-10 06:10:08
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. X540LJ.301 11/01/2016
Motherboard: ASUSTeK COMPUTER INC. X540LJ
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 74%
Total physical RAM: 8093.14 MB
Available physical RAM: 2074.22 MB
Total Virtual: 10397.14 MB
Available Virtual: 2125.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.5 GB) (Free:332.16 GB) NTFS
Drive d: (Sims3EP11) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF

\\?\Volume{6737b43b-5f03-4ef5-8d45-124bae0d084a}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{dfc6af09-ccb5-4751-8c39-0b14886f3aa3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================