Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2022
Ran by Roman (01-04-2022 20:03:32)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1586 (X64) (2020-11-06 21:30:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-128406778-2638418637-827040753-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-128406778-2638418637-827040753-503 - Limited - Disabled)
Guest (S-1-5-21-128406778-2638418637-827040753-501 - Limited - Disabled)
Roman (S-1-5-21-128406778-2638418637-827040753-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-128406778-2638418637-827040753-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Airfix Dogfighter version 1.2 (HKLM-x32\...\{A0118755-2F68-473A-9842-4B8D87E1E228}_is1) (Version: 1.2 - vol1)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.4 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 6.9 - NowSmart)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.2.6003 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 99.0.15283.83 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canyon CND-SGM14RGB Gaming Mouse (HKLM-x32\...\{373BE5DA-63B5-44D6-A61D-6AA6EDDABB5C}_is1) (Version: 1.0.4 - Canyon)
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
iTunes (HKLM\...\{7FC61561-1F27-47A6-9364-9F9E7EC5D8C4}) (Version: 12.12.3.5 - Apple Inc.)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
K-Lite Codec Pack 16.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.5.0 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.55 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKLM-x32\...\Opera 1.0.1040) (Version: 1.0.1040 - Opera Software ASA)
Opera Mail verze 1.5 (HKLM-x32\...\Opera Mail_is1) (Version: 1.5 - )
Opera Stable 84.0.4316.42 (HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\Opera 84.0.4316.42) (Version: 84.0.4316.42 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM\...\{D7DBC941-C042-4276-93C9-A91B373AF0D8}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{604944cd-f303-4436-bc7b-7a538b64c872}) (Version: 9.0.351.0 - Tracker Software Products (Canada) Ltd.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Popisovač CD/DVD 4.2 (HKLM-x32\...\Popisovač CD/DVD_is1) (Version:  - PS Media s.r.o.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Samsung Diagnostika tiskárny Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.29 - HP Printing Korea Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version:  - )
Wave Editor 3.8.0.0 (HKLM-x32\...\Wave Editor_is1) (Version: 3.8.0.0 - AbyssMedia.com)
WhereIsIt? 2010 (HKLM-x32\...\whereisit-wii_is1) (Version: 2010 - Robert Galle)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoner Photo Studio X CS (HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\ZPS X) (Version: 19.1909.2.198 - ZONER software)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.214.500.0_x64__kgqvnymyfvs32 [2022-03-25] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.0.201.0_x86__nzyj5cx40ttqa [2021-12-20] (Apple Inc.) [Startup Task]
MDF to ISO -> C:\Program Files\WindowsApps\41568RaffaeleZippo.MDFtoISO_1.1.6.0_x64__5stwkxsyacxat [2020-10-19] (Raffaele Zippo) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-10-30] (Samsung Electronics Co. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2021-01-21] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-11-02 11:14 - 2010-08-23 04:17 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2020-04-08 07:30 - 2013-12-04 11:57 - 000870912 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2020-04-08 07:29 - 2011-07-12 19:14 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2020-04-08 07:29 - 2012-10-08 17:07 - 000972288 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2020-04-08 07:30 - 2013-05-08 16:22 - 001040896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2020-04-08 07:30 - 2013-10-18 18:04 - 005777616 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2020-04-08 07:30 - 2013-05-08 16:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2020-04-08 07:29 - 2010-10-05 08:22 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2020-04-08 07:30 - 2012-06-19 12:56 - 001305600 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2020-04-08 07:30 - 2013-06-24 15:59 - 001173504 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2020-04-08 07:29 - 2010-10-05 08:22 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2020-04-08 07:31 - 2012-07-20 09:39 - 001047040 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2020-04-08 07:31 - 2012-05-02 18:04 - 000233472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2020-04-08 07:31 - 2013-06-11 12:06 - 000425984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2020-04-08 07:31 - 2010-12-14 17:46 - 000067584 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2020-04-08 07:31 - 2013-08-05 11:14 - 000176128 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2020-04-08 07:31 - 2010-10-29 18:58 - 000221184 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.DLL
2020-04-08 07:31 - 2012-04-25 14:47 - 000659456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2020-04-08 07:31 - 2012-01-12 16:44 - 000475136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2020-04-08 07:31 - 2013-03-21 19:38 - 000716800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2020-04-08 07:31 - 2013-08-06 20:04 - 002502656 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.DLL
2020-04-08 07:31 - 2013-06-24 17:48 - 002055168 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\WiFiGO.dll
2020-04-08 07:29 - 2012-05-28 21:27 - 001622528 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2020-04-08 07:29 - 2009-08-12 20:15 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2020-04-08 07:29 - 2013-04-15 14:19 - 000883712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2020-04-08 07:29 - 2011-09-19 20:18 - 001243136 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2020-04-08 07:29 - 2011-07-21 09:06 - 000846848 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2020-04-08 07:29 - 2012-08-29 18:09 - 000875520 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2020-04-08 07:32 - 2013-08-19 18:23 - 000043520 ____N () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2020-04-08 07:32 - 2013-08-19 17:21 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2020-04-08 07:32 - 2012-01-19 09:39 - 000028672 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2019-11-02 11:14 - 2010-06-29 04:58 - 000104448 ____N () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2019-11-02 11:14 - 2022-04-01 19:59 - 000033792 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2020-04-08 07:31 - 2013-06-13 17:37 - 000156160 _____ () [File not signed] C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
2019-11-02 11:14 - 2010-08-09 15:33 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\ASACPI.DLL
2020-04-08 07:29 - 2010-08-09 21:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
2020-04-08 07:30 - 2012-05-03 12:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpi.dll
2020-04-08 07:32 - 2013-08-19 17:21 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\ASACPI.DLL
2020-04-08 07:30 - 2010-10-26 19:54 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsAcpi.dll
2019-11-02 11:14 - 2010-08-12 01:52 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiEx.dll
2020-04-08 07:29 - 2010-08-12 07:52 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\asacpiEx.dll
2020-04-08 07:29 - 2010-10-05 08:22 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
2020-04-08 07:30 - 2013-01-15 10:52 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\AsMultiLang.dll
2020-04-08 07:30 - 2013-01-15 10:52 - 001086464 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2020-04-08 07:29 - 2010-09-08 21:25 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
2020-04-08 07:29 - 2013-08-26 14:00 - 001016320 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
2020-04-08 07:30 - 2012-05-03 12:17 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\asacpiEx.dll
2020-04-08 07:30 - 2012-05-03 12:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\AsMultiLang.dll
2020-04-08 07:30 - 2012-05-03 12:21 - 001831424 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPU.dll
2020-04-08 07:30 - 2012-11-12 14:56 - 001095680 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\FAN Xpert\FANXpert.dll
2020-04-08 07:30 - 2013-02-07 14:24 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\AsMultiLang.dll
2020-04-08 07:31 - 2013-08-26 09:37 - 000628736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\DLNAHelper.dll
2020-04-08 07:31 - 2013-08-26 09:37 - 000217600 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\MPListProcess.dll
2020-04-08 07:31 - 2013-08-26 09:37 - 000173056 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\UPnPXMLParse.dll
2020-04-08 07:29 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
2020-04-08 07:29 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
2020-04-08 07:31 - 2012-12-25 11:55 - 001236992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
2020-04-08 07:29 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
2020-04-08 07:32 - 2013-08-19 17:21 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\asacpiEx.dll
2020-04-08 07:32 - 2013-08-19 17:21 - 001876992 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\IccHelper_old.dll
2020-04-08 07:32 - 2013-08-19 17:21 - 001643008 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVEVO.dll
2020-04-08 07:32 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\AsMultiLang.dll
2020-04-08 07:32 - 2014-02-17 15:03 - 000886272 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\Express.dll
2020-04-08 07:32 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsMultiLang.dll
2020-04-08 07:32 - 2013-02-22 14:44 - 000999936 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\BIOSFLK.dll
2020-04-08 07:30 - 2012-03-21 19:41 - 000677376 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\asacpiEx.dll
2020-04-08 07:31 - 2012-12-28 18:25 - 001994752 _____ (Awind Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AWTouchInjection.DLL
2020-04-08 07:31 - 2013-07-12 13:03 - 000552960 _____ (AWIND Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\MirrorOpSender.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-03-24 12:17 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-128406778-2638418637-827040753-1001\Control Panel\Desktop\\Wallpaper -> c:\users\roman\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\p1050492aa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: WinpkFilter LightWeight Filter -> nt_ndisrd (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Sovos"
HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-128406778-2638418637-827040753-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3B47F75B-9021-4125-AD31-8792716E48C5}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{716696C2-47A9-4703-B6B1-3FA851A265EA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{F922BCC6-B922-4E9A-9A11-69879D15500A}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{A98133A0-9367-4943-9DB3-5162323BFD98}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{D51EF286-818B-4F7F-AED0-7FF824C35D0D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{A4D5ED57-DDC2-4B98-A18C-D2DF0E4BBC9C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D57934A0-1B75-46FA-9A3C-D02A7CB74A9B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (HP Inc. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{399F0E3D-BFB0-4DE8-B311-EFE32604B2BE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1B153E04-6349-4C4C-95DD-0064AE07B536}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{EFBF38A8-A876-44CA-A7F8-5E6776306741}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{22384EB3-F056-437C-8B95-E7FE29413EE4}] => (Allow) C:\Program Files (x86)\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{5597B53E-9D59-42BB-9ADE-F7A7C48B4340}] => (Allow) C:\Program Files (x86)\Opera Mail\operamail.exe (Opera Software ASA -> Opera Software)
FirewallRules: [{0BF84F71-30F8-47DE-AFF8-9A1C5E3A7DDC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{19E2341E-9365-4671-AA86-972911485DFA}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{58478584-EF46-4145-A7E2-0E916804DF76}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{76523C7B-27B5-4740-88E7-13728B73369A}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [{AB434FF7-36A6-4DE4-A080-06877D1DEA54}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{FC9CD2B3-A97F-4F3B-B153-CB00028BF1C4}] => (Allow) LPort=2869
FirewallRules: [{F2C5452D-54FD-4750-927C-B6039E4CF0D2}] => (Allow) LPort=1900
FirewallRules: [{507553BC-9A28-43E6-8E41-5ABD96D1BE40}] => (Allow) LPort=2869
FirewallRules: [{550EB956-2A77-498C-B6CE-780AEE55CA74}] => (Allow) LPort=1900
FirewallRules: [{3632DFDC-82B9-423A-9DAE-3BA8737BB3E5}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{4B54C00C-F686-4534-91AE-9D6A8004F5DF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{90AEF3E7-5148-4DA1-9A9B-690A828DA6B7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{C59B9577-76D3-4C72-B388-2C664537C00F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{6FC219D5-C469-4874-9C86-4A887EE322FD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{C63DB7F3-6C45-4791-85F7-6EF24EED2D41}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F539013D-81AD-4148-914C-C21B3A353E17}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A688CBDF-997D-4CA2-B4FB-16E8D6EA4C37}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{373F24A1-47E3-48B0-A4F8-8B7D6103647F}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{BD0914C1-DA5E-4E91-914E-0BCD723D3B45}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{A537C959-2409-4973-B0D8-079ADD980A43}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F15FF877-D0F9-4669-9CFA-9B15EB8B3B9B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D89ED2FD-7690-4A78-99CB-C15456C36E4D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{122684FE-E7E0-4C79-A958-151980D39B8E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B838F7C4-1B71-4664-A10D-05411D475653}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{765BF60B-2F56-4A1D-9269-A1BDBEE6E3C7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0D9E617B-5148-402F-80FF-CA80A31A82BC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B8497A24-143C-46EF-84AC-D0C7BD9E913D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{415AB7DF-82F7-46D7-9712-30ED3F85FD22}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CF2460A-FE63-4BF4-90DA-59A5F8BEAB8F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7C7BB62B-9C06-439B-BA2A-A5CD5A79C849}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25F69835-F216-4376-9CDE-5E0C565AD658}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E1A1150-5FED-4D13-878C-72022887F497}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFC10A2A-0E3B-4D64-BDFD-A9AEF684C1DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4EAD13F-6AE1-40D6-8003-BACA2917E7BC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A85A0D8-07B5-4429-930E-B32A30FFC6CA}] => (Allow) LPort=2869
FirewallRules: [{2765F439-44A7-49D8-A960-4A8ADBBEC576}] => (Allow) LPort=1900
FirewallRules: [{F96E91A8-0B50-4FBB-BCE9-A5DEF332802F}] => (Allow) LPort=2869
FirewallRules: [{7F4D3BFF-407D-4321-9B39-39B4052CB5B9}] => (Allow) LPort=1900
FirewallRules: [{FA4C4D0A-0EA1-4F70-B08F-7182FB64B022}] => (Allow) LPort=2869
FirewallRules: [{FEB0ED81-0CF8-4AAF-9593-426F701635E0}] => (Allow) LPort=1900
FirewallRules: [{230ADC0A-C8E9-4D47-BB91-3686D38DD519}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1475407A-1235-4FF0-8D42-543B7862082B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7ACBC908-AE7F-4011-8C64-5084851CDFA2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B6D8E07-19CC-40AD-BF84-BFCE3D86975D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9889533-0DAB-40E8-A7A0-642E24C1B622}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35D9767C-F744-404D-AC54-DCD52D19AFDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3DE4197-CDAE-43DC-81FE-F91BF15258A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7867E54-6FCB-4E1E-955F-5F9BECE73891}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2A2C9ACD-7FAD-4AA0-A4F5-A03F65A2D920}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9AC04F3F-3672-4271-A23F-E52FDCC35514}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61E9B9DB-4840-47F8-B047-2252B2BE2DC6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{77F036B9-46B9-4056-A319-49FABB0A7BAC}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{33BDEA9B-3A42-4AEA-8E58-362ADFD6CD37}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe (ASUSTeK Computer Inc. -> )
FirewallRules: [{9938D0AF-0B24-4F5E-9B95-FD153166C6D5}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe (ASUSTeK Computer Inc. -> )

==================== Restore Points =========================

26-03-2022 11:53:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/01/2022 07:57:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.19041.1320 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3638

Čas spuštění: 01d845f1c6194c88

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: c493b255-3029-4dff-b62d-cbd736b2ce83

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.19041.1320_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (03/30/2022 11:01:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 9.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: XCShellMenu.x86.dll, verze: 9.0.351.0, časové razítko: 0x600a1817
Kód výjimky: 0xc000008e
Posun chyby: 0x00174023
ID chybujícího procesu: 0x1e60
Čas spuštění chybující aplikace: 0x01d84466bf366177
Cesta k chybující aplikaci: C:\totalcmd\TOTALCMD.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x86.dll
ID zprávy: 048fbfff-ffda-45b7-820a-210537145249
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/30/2022 04:40:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 9.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: XCShellMenu.x86.dll, verze: 9.0.351.0, časové razítko: 0x600a1817
Kód výjimky: 0xc000008e
Posun chyby: 0x00174023
ID chybujícího procesu: 0x35e0
Čas spuštění chybující aplikace: 0x01d8442a1b1480d2
Cesta k chybující aplikaci: C:\totalcmd\TOTALCMD.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x86.dll
ID zprávy: a3a7198c-11a1-44b0-abff-f78e9f616a8d
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/30/2022 01:33:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 9.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: XCShellMenu.x86.dll, verze: 9.0.351.0, časové razítko: 0x600a1817
Kód výjimky: 0xc000008e
Posun chyby: 0x00174023
ID chybujícího procesu: 0x3410
Čas spuštění chybující aplikace: 0x01d8442247b77c9a
Cesta k chybující aplikaci: C:\totalcmd\TOTALCMD.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x86.dll
ID zprávy: ebac427b-4d39-4fa9-971a-85404333c5ee
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/30/2022 12:28:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 9.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: XCShellMenu.x86.dll, verze: 9.0.351.0, časové razítko: 0x600a1817
Kód výjimky: 0xc000008e
Posun chyby: 0x00174023
ID chybujícího procesu: 0xde4
Čas spuštění chybující aplikace: 0x01d84417c2c9c391
Cesta k chybující aplikaci: C:\totalcmd\TOTALCMD.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x86.dll
ID zprávy: a5e06f3d-dd22-4123-a75a-4cba24a4ad67
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/28/2022 11:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 9.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: XCShellMenu.x86.dll, verze: 9.0.351.0, časové razítko: 0x600a1817
Kód výjimky: 0xc000008e
Posun chyby: 0x00174023
ID chybujícího procesu: 0x3974
Čas spuštění chybující aplikace: 0x01d842e46643200c
Cesta k chybující aplikaci: C:\totalcmd\TOTALCMD.EXE
Cesta k chybujícímu modulu: C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x86.dll
ID zprávy: b11d7f79-fc26-4347-bbf8-4c175aedb9ca
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/24/2022 09:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PrintIsolationHost.exe, verze: 10.0.19041.746, časové razítko: 0xa2bab91c
Název chybujícího modulu: US015N.DLL, verze: 1.2.75.0, časové razítko: 0x5a5b954d
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000002f0d4
ID chybujícího procesu: 0x8cc
Čas spuštění chybující aplikace: 0x01d83fb7dc10f24d
Cesta k chybující aplikaci: C:\WINDOWS\system32\PrintIsolationHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\US015N.DLL
ID zprávy: af70aad6-5b6f-4254-9937-151353ecb00f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/24/2022 09:48:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PrintIsolationHost.exe, verze: 10.0.19041.746, časové razítko: 0xa2bab91c
Název chybujícího modulu: US015N.DLL, verze: 1.2.75.0, časové razítko: 0x5a5b954d
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f0d4
ID chybujícího procesu: 0x8cc
Čas spuštění chybující aplikace: 0x01d83fb7dc10f24d
Cesta k chybující aplikaci: C:\WINDOWS\system32\PrintIsolationHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\US015N.DLL
ID zprávy: 0a4be56c-dcf0-4554-8cba-7b0aa9371ae6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/01/2022 08:00:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {24EE1E72-BE24-4943-8F91-DA637552CE5B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 07:59:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:58:02, ‎01.‎04.‎2022) bylo neočekávané.

Error: (04/01/2022 07:51:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {24EE1E72-BE24-4943-8F91-DA637552CE5B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 06:09:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 01:53:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 12:55:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {24EE1E72-BE24-4943-8F91-DA637552CE5B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 10:46:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/01/2022 10:05:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5C2V1IG)
Description: Server {24EE1E72-BE24-4943-8F91-DA637552CE5B} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2022-04-01 20:01:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2603 06/26/2015
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 36%
Total physical RAM: 8092.02 MB
Available physical RAM: 5100.57 MB
Total Virtual: 9372.02 MB
Available Virtual: 6377.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.31 GB) (Free:25.31 GB) NTFS
Drive e: () (Fixed) (Total:111.79 GB) (Free:11.26 GB) NTFS

\\?\Volume{7617e120-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{7617e120-0000-0000-0000-80b31b000000}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{7617e120-0000-0000-0000-c0d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 7617E120)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=499 MB) - (Type=27)
Partition 4: (Not Active) - (Size=508 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B1A102E2)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================