VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Nalezena potencionálně nežádoucí aplikace

https://forum.viry.cz:443/viewtopic.php?t=158289

Stránka 1 z 1

Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 13:32
od Ohsen
Dobrý den,

od včerejšího dne mi v Historii ochrany vyskakuje hláška "Nalezena potencionálně nežádoucí aplikace", která se stále opakovaně přichází po 10 minutách.

Následná hláška vypadá takto:
Obrázek

Dneska jsem nechal projet WD celý počítač a žádnou hrozbu mi to nenašlo.

Obrázek

Bohužel se mi na internetu nepovedlo dohledat žádný návod, jak se problému zbavit.

Níže přikládám log. Moc děkuji za odpověď.

Přeji hezký zbytek dne
MZ

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-10-2021
Ran by lamas (06-10-2021 09:06:54)
Running from C:\Users\lamas\Downloads
Windows 10 Home Version 21H2 22000.194 (X64) (2021-10-05 06:57:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3376143671-3383002286-3793547419-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3376143671-3383002286-3793547419-503 - Limited - Disabled)
Guest (S-1-5-21-3376143671-3383002286-3793547419-501 - Limited - Disabled)
lamas (S-1-5-21-3376143671-3383002286-3793547419-1001 - Administrator - Enabled) => C:\Users\lamas
WDAGUtilityAccount (S-1-5-21-3376143671-3383002286-3793547419-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 94.1.30.87 - Autoři prohlížeče Brave)
DeepL (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\DeepL) (Version: 2.9.2501 - DeepL GmbH)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{0B5978E6-D912-4E4F-B117-A164F68BC95C}) (Version: 3.0.9346 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.9.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{90BC69B6-C3DD-45E3-B2EE-354635A0329B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameRanger (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
Intel Driver && Support Assistant (HKLM-x32\...\{BC82D1AD-802A-4733-BB90-A8E59AB8434A}) (Version: 21.5.33.3 - Intel) Hidden
Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10600.20700 - Intel Corporation)
Intel(R) Dynamic Tuning Technology (HKLM-x32\...\{7a82309b-956d-4788-8207-25897660c3d6}) (Version: 8.7.10400.15556 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{9454a0e6-0762-48ec-b153-2a75b252d1fb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2110.15.0.2210 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b09ce953-882c-4131-a693-2e1d73b1e50d}) (Version: 21.5.33.3 - Intel)
Intel® System Usage Report for gameplay.intel.com (HKLM-x32\...\{9eaf9956-0255-4764-87e4-2ccfc18920c6}) (Version: 2.0.1901 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{C7BC60AB-23E3-4F47-8FBE-283937D010AA}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14430.20234 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14430.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.2 (x64 cs)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.12.0 - Mozilla)
Mozilla Thunderbird 78.14.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.14.0 (x64 cs)) (Version: 78.14.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenVPN 2.4.8-I602-Win10 (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1285 - Microsoft Corporation)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10527 - Qualcomm)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.4.353.0_x64__ynb6jyjzte8ga [2021-07-19] (Adobe Inc.)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2020-10-02] (Canon Inc.)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.3.57.0_x64__2dgmkzkw4h30c [2021-07-30] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-25] (Dell Inc)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11.0_x64__htrsf667h5kn2 [2021-10-05] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-10-05] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-03] (Dell Inc)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-04-03] (Dropbox Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-03] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt [2021-10-05] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [MS Ad]
Microsoft Teams -> C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.53.42632.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [Startup Task]
Microsoft.UI.Xaml.CBS -> C:\Windows\SystemApps\Microsoft.UI.Xaml.CBS_8wekyb3d8bbwe [2021-10-05] (Microsoft Platform Extensions)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-07] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-23] (Netflix, Inc.)
OneDrive -> C:\Program Files\Microsoft OneDrive\21.180.0905.0007 [2021-10-05] (0)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task]
Paint -> C:\Program Files\WindowsApps\Microsoft.Paint_10.2104.17.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.65.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.2032.0_x64__qbz5n2kfra8p0 [2021-09-02] (Python Software Foundation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-28] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-10-02] (Samsung Electronics Co. Ltd.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-16] (Rivet Networks LLC)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-03] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0 [2021-10-03] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-04-03] (Microsoft Corporation)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.4.0.0_x64__v826wp6bftszj [2021-10-05] (Charles Milette) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-10-05] (Twitter Inc.)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2020-01-07] (Waves Audio)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2021-08-02] (Matt Hafner)
Windows Notepad -> C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2102.13.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Windows Terminal -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [Startup Task]
Windows Web Experience Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20031.315.0_x64__cw5n1h2txyewy [2021-10-05] (Microsoft Windows)
Xbox -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2105.900.24.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Zabezpečení Windows -> C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22000.1.0_neutral__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lamas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\lamas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-17] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-17] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-05 11:55 - 2021-10-05 11:55 - 054230016 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\addon.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\keytar.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\logging.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\systeminfo.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000523776 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.data.xml.dom.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.storage.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2021-04-13 12:36 - 2021-04-13 12:36 - 005745664 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2021-07-22 18:02 - 2021-07-22 18:02 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2020-01-06 21:29 - 2020-01-06 21:29 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-04-19 18:39 - 2020-04-19 18:39 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-10-05 11:51 - 2021-10-05 11:51 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20031.315.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2020-08-14 21:29 - 2020-08-14 21:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=DCTE
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> DefaultScope {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-04-20 16:01 - 2020-04-20 16:09 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 147.251.6.10 - 147.251.4.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Samsung DeX"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DF8EA1ED-ACA0-439B-872D-209B4894A530}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{8E2ECAA9-75BF-45C2-A02F-18DF05EDA64D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{787DF416-35EC-4E48-8A30-22ADE10ECD5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{37AAF221-B8F7-450C-8AE7-3A9292D15513}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{628561A8-5230-42CD-8902-1EA7C114BB5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E2CA783-234A-455F-95C8-04E98A3D6CDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1009C6F-674A-4B2D-9CF9-D7237ADCB610}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7BC41BE-64EC-4A71-9935-42F69966CBD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{431585BF-A50B-42EA-A748-B091B62F9A45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9521962B-7EA3-44B0-ACB7-9387A0FB4E12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5F4CE184-728C-4C59-8DDB-959DEA18FB14}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{938F4FDC-1631-486D-956E-2A25087A594C}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{22707A19-5CE0-4B21-86DE-F5A25BD03414}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDD17D8F-ABEB-4B40-ABBA-E9FF52024086}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{04F4D7B3-3336-4610-8D4B-835BA4828C9E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{5E5EDFA7-249F-4E2B-8D54-0585D5F9395F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{85B1D622-1450-4870-9821-2AC8B7D39725}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{338CBE1F-3F1B-42C2-B7DA-308B7F09836B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{8539728C-2348-43B9-9ED4-D5B9E75BC5F9}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{396C4446-8F87-4727-8CBA-31F5389AB30F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5015870-A41F-441A-A460-31B17F3D9A5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8E31D1E-2AA5-4E03-9F4F-0A8F933707DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6030D3B-F545-4CAD-A2C9-8177EDEA6A9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F72139C8-26E2-4AAF-B3DC-6736D20599BD}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{487E6031-DA3E-4F97-9785-0E884982B979}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{46BDAF38-2B2B-4024-807A-2A7693BC3406}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{E1231E67-4ED3-460A-9FDC-DDE9467F825E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{ED154544-9B3C-4248-BC75-F93691E86D95}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{46A5DC10-44C4-4768-A33B-948B8E71B1F2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{97CEBAA3-6B35-42A5-9632-A422FB2B30C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9D25793F-48B8-43DF-9D84-76121F07AF89}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{20C4BDC7-3352-4B2D-BCD4-6A4B0D38679B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{513F147B-0669-4368-84DC-6E32F707CA8B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{943677B6-CB3B-471A-8232-B3633202E62D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63B72462-4CA0-4978-8262-A271247BB8C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3D0D964E-927F-4D6B-8C40-930C3B8AAB6F}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B1278C38-464B-4C9E-9CE6-C09A04C9897F}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{375C42A3-8E60-43B7-A0CB-156074E4F272}C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{DC5494FD-FBDC-4BDD-A498-BA5CE96D1ADA}C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{7906EBF8-8972-4529-A2D3-67A72B18F322}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{B9AA09A8-8426-4730-AFBA-B46F0B0D5847}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{856E3A1A-3E52-40DF-A723-04B469A1087D}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E8582FFB-4086-4215-96B9-88A422027158}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E7DF0DE-FE01-4F3C-B370-2C4BEECCEF4C}] => (Allow) C:\Users\lamas\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F03BC4E9-1F6C-42B3-885B-9B49F7644EB2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C89BE2A6-6EE7-447F-B57E-415C9141E306}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C81B4A4-C6E1-4FE1-9B79-60B91B0C1A95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:220.92 GB) (Free:41.5 GB) (19%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/05/2021 10:12:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RoundedTB.exe, verze: 1.0.0.0, časové razítko: 0xe50724bd
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.132, časové razítko: 0xf5a91e93
Kód výjimky: 0xc000041d
Posun chyby: 0x0013e7b2
ID chybujícího procesu: 0x3668
Čas spuštění chybující aplikace: 0x01d7ba21c6b2e7e5
Cesta k chybující aplikaci: C:\Tweaks\RoundedTB_R3\RoundedTB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f13be3c3-e570-4fc8-aaa5-bcd0a507188f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/05/2021 10:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RoundedTB.exe, verze: 1.0.0.0, časové razítko: 0xe50724bd
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.132, časové razítko: 0xf5a91e93
Kód výjimky: 0xe0434352
Posun chyby: 0x0013e7b2
ID chybujícího procesu: 0x3668
Čas spuštění chybující aplikace: 0x01d7ba21c6b2e7e5
Cesta k chybující aplikaci: C:\Tweaks\RoundedTB_R3\RoundedTB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6f255185-70d0-4b9f-aecf-327992f76304
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/05/2021 10:12:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: RoundedTB.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.OutOfMemoryException
na System.Windows.Media.Composition.DUCE+Channel.SyncFlush()
na System.Windows.Media.MediaContext.CompleteRender()
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (10/05/2021 10:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MiniSearchHost.exe, verze: 421.21000.0.0, časové razítko: 0x6102fc94
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22000.132, časové razítko: 0xf9ab3e3e
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010a4f4
ID chybujícího procesu: 0x3bbc
Čas spuštění chybující aplikace: 0x01d7b9db6c7cda4c
Cesta k chybující aplikaci: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 326b991c-2218-47d7-a211-75dcdee5bc14
Úplný název chybujícího balíčku: MicrosoftWindows.Client.CBS_1000.22000.194.0_x64__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: MiniSearchUI

Error: (10/05/2021 09:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program googleChatElectron.exe verze 2.3.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 40b4

Čas spuštění: 01d7ba1f747f5ec6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\37781ZooInc.GChatforDesktop_1.0.9.0_x64__xb7zxn0ry2ahe\app\googleChatElectron.exe

ID hlášení: 672e998e-d3e4-4214-93c1-6b51b7f60ade

Úplný název balíčku s chybou: 37781ZooInc.GChatforDesktop_1.0.9.0_x64__xb7zxn0ry2ahe

ID aplikace relativní podle balíčku s chybou: googleChatElectron

Typ zablokování: Quiesce

Error: (10/05/2021 12:47:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.22000.120 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c40

Čas spuštění: 01d7b9d4372b8a3c

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 4bce047e-66f5-4ca4-9b97-df254a9ec158

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (10/05/2021 12:31:11 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/05/2021 08:56:43 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Sběr dat čítače výkonu od služby Lsa byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.


System errors:
=============
Error: (10/06/2021 08:55:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Klient zásad skupiny neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/06/2021 08:55:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Klient zásad skupiny bylo dosaženo časového limitu (30000 ms).

Error: (10/06/2021 08:14:01 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{02152C23-48B5-463B-B4FD-4CA2533077C5}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/06/2021 08:13:59 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{F4A69ACF-A4DA-4338-B893-EE6A8E33D2DF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/06/2021 08:13:52 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{02152C23-48B5-463B-B4FD-4CA2533077C5}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (10/05/2021 12:42:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (10/05/2021 12:32:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) SUR QC Software Asset Manager bylo dosaženo časového limitu (30000 ms).

Error: (10/05/2021 12:31:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
Ovladač %2 vrátil neplatné číslo ID pro podřízené zařízení (%3).


Windows Defender:
================Event[0]

Date: 2021-10-06 09:04:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Název: PUA:Win32/Seznam
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\OneDriveTemp\S-1-5-21-3376143671-3383002286-3793547419-1001\83B617378ACAA294!103-83B617378ACAA294!34051-83B617378ACAA294!32746-a4ff5f23d48ed826925beee5b6aec78df81e946a.temp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: MICHALZICH\lamas
Název procesu: C:\Program Files\Microsoft OneDrive\OneDrive.exe
Verze bezpečnostních informací: AV: 1.349.2033.0, AS: 1.349.2033.0, NIS: 1.349.2033.0
Verze modulu: AM: 1.1.18600.4, NIS: 1.1.18600.4 ਍
Event[1]

Date: 2021-10-06 08:59:40
Description:
N/A
Event[2]

Date: 2021-10-06 08:54:17
Description:
N/A
Event[3]

Date: 2021-10-06 08:44:14
Description:
N/A
Event[4]

Date: 2021-10-06 08:34:15
Description:
N/A

==================== Memory info ===========================

BIOS: Dell Inc. 1.17.0 07/27/2021
Motherboard: Dell Inc. 04N9HV
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 85%
Total physical RAM: 7959.47 MB
Available physical RAM: 1150.08 MB
Total Virtual: 23319.47 MB
Available Virtual: 7822.49 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.92 GB) (Free:41.5 GB) NTFS

\\?\Volume{97ae6464-aadf-4cc3-9575-24f7ecdebe59}\ () (Fixed) (Total:1.07 GB) (Free:0.08 GB) NTFS
\\?\Volume{04f176fb-f1e2-463e-9ae3-c387df39b9d4}\ (IMAGE) (Fixed) (Total:13.88 GB) (Free:0.15 GB) NTFS
\\?\Volume{7628162a-900c-4052-b2db-5ae32c638466}\ (DELLSUPPORT) (Fixed) (Total:1.72 GB) (Free:0.83 GB) NTFS
\\?\Volume{7a9cb0af-6ad2-4051-993e-7fe1d39e629b}\ (ESP) (Fixed) (Total:0.73 GB) (Free:0.64 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 13:49
od Rudy
Zdravím!
Přidejte ještě log FRST (obsah souboru frst.txt v C:\Users\lamas\Downloads) a pak můžeme pokračovat. Děkuji.

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 13:51
od Ohsen
Přidávám log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-10-2021
Ran by lamas (administrator) on MICHALZICH (Dell Inc. Inspiron 3593) (06-10-2021 09:02:51)
Running from C:\Users\lamas\Downloads
Loaded Profiles: lamas
Platform: Windows 10 Home Version 21H2 22000.194 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe <5>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(DeepL GmbH -> DeepL GmbH) C:\ProgramData\lamas\DeepL\app-2.9.2501\DeepL.exe
(DeepL GmbH -> The CefSharp Authors) C:\ProgramData\lamas\DeepL\app-2.9.2501\CefSharp.BrowserSubprocess.exe <3>
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\Messenger.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_71cc42bf8b620f67\igfxCUIServiceN.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_71cc42bf8b620f67\igfxEMN.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4789e47f6228caeb\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d8b7fef7fc5b1320\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_34f570cbe7f3d6c7\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lamas\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2102.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <3>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21084.76.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy\YourPhoneAppProxy.exe
(Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\omadmprc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20031.315.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Microsoft) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-03] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-08-10] (Intel Corporation -> Intel)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\lamas\appdata\local\microsoft\teams\Update.exe [2455256 2021-09-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [] => [X]
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2019-10-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [DeepL] => C:\ProgramData\lamas\DeepL\app-2.9.2501\DeepL.exe [141360 2021-09-25] (DeepL GmbH -> DeepL GmbH)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [googleChatElectron] => "C:\Program Files\WindowsApps\37781ZooInc.GChatforDesktop_1.0.9.0_x64__xb7zxn0ry2ahe\app\googleChatElectron.exe" --hidden
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\94.1.30.87\Installer\chrmstp.exe [2021-10-02] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:\WINDOWS\System32\StartTileData.dll [2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2020-10-02]
ShortcutTarget: GameRanger.lnk -> C:\Users\lamas\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
Startup: C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-10-05]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C064AF8-8AD7-44E3-8494-F37CABF8185D} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [110592 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {1252A84C-8F10-40E8-A3DB-1C30B0D37B16} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [118784 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {25DABF92-6809-41AD-AF36-12B2295DD266} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {2BEB8C7E-183F-4A18-AA7C-64DCD72C6F85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F735F1E-E2A4-4242-AF1F-74B14590B951} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\WINDOWS\system32\la57setup.exe [36864 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {318D7E32-98F1-42A1-A2C7-245BFDAFB513} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-08-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {39BDCE6C-3B60-491E-BA1F-E52FD29394DB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {3A931A9C-0407-4BA6-B090-AEF8B0522E82} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {42E1BD8F-7DEB-402C-98F4-820696DA968A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {4EBA7B35-9796-47FA-A58C-8F77822C3BFC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {5229D831-02A3-48A6-8FB4-021705B88EF8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551256 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {538F3A57-EB7C-4574-B788-1378B9D16631} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4103280 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B19304E-A302-4B5C-BB28-307DCB77498E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6C50FD2B-6E41-42D6-935F-9C649F38AB2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7AB72538-1652-4AC0-A87E-2124F9480E15} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7C3B27B7-1FEB-41C4-983A-C3F665914ED7} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {82670F64-033B-406A-ADD2-26A17FD5DB93} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [450560 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {83E7DBD0-3119-4213-BCA2-45AFD2B01447} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {865C1CC6-E229-485E-99D5-E296F45506C1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {8785D04A-9290-403F-A715-700A0E93F02D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {9D812998-1EF4-409C-94C3-E2AB030BEC2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {9E2723D6-BF78-4364-818F-4FAF85A00B83} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A113AD26-AA99-4C14-9101-6C53FDBA2241} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {A5E45BCC-DE8C-487B-8C49-9953CC47CF24} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A79BA140-4629-44DD-88F3-26A23688E8F2} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => %windir%\system32\rundll32.exe %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance
Task: {AD17FDCC-F3EF-44FF-B691-EDE9C07A616E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2A6AF0E-C246-4FA1-AF15-1249F99A2AC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEBEA9B6-E74E-4AD4-8430-4BB02D7A57E7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {C017E83D-7A42-41F0-AAF8-9346DF155FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {C6011FD0-35D2-4566-A99D-E2AE2CF1F091} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CB614C11-F9BE-4453-A14B-E4A135C8E09F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe
Task: {D154AD10-E56B-4E18-8A60-029A50919241} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D25DC36E-8E1C-4672-90F1-3D83D36FAA60} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {DBB429E7-5C23-4790-9AA6-C335979AB8CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {DF1F4569-AC0D-46CC-A0EA-324B5919E83A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E23CF514-6E2B-447F-8935-3731F13A3D01} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [450560 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {E86DB898-0B87-4F5B-B407-4627F86451DF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {ED476BAD-B100-4DE5-A82A-0A48AB6DC971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {EE923EBC-0FD5-44E3-8D1B-DAA50EE7ACC5} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {F21E75C8-2470-408B-90B9-0C16A9649589} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [200704 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {F307A1A1-A5C6-40CD-9256-98EDFFDB2C53} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {F41BE135-6BAF-4CA8-ACB2-91E67CAD3B21} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {F53E0D7C-E609-45DB-A4D8-326892F4FA38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\nlansp_c.dll [83456 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [126976 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{02152c23-48b5-463b-b4fd-4ca2533077c5}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{0e3c8def-2bea-4880-94b8-3a133d0a4120}: [DhcpNameServer] 147.251.4.33 147.251.6.10
Tcpip\..\Interfaces\{92122bf3-6403-4cdc-9c9d-7846e2b069fd}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d9f01dc5-a066-4c6d-b3e4-f104e3c4edbb}: [DhcpNameServer] 147.251.4.33 147.251.6.10
Tcpip\..\Interfaces\{e17a547e-b113-4acb-9dab-233bde85000d}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{f4a69acf-a4da-4338-b893-ee6a8e33d2df}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lamas\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-05]

FireFox:
========
FF DefaultProfile: ks9z3nnx.default
FF ProfilePath: C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\ks9z3nnx.default [2021-07-19]
FF ProfilePath: C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\gb77tiix.default-release [2021-09-29]
FF Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\gb77tiix.default-release\Extensions\support@lastpass.com.xpi [2021-08-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default [2021-10-06]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-17]
CHR Extension: (Prezentace) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-03]
CHR Extension: (Dokumenty) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-03]
CHR Extension: (Disk Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (DuckDuckGo) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-10-01]
CHR Extension: (YouTube) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-03]
CHR Extension: (DjVu Viewer and Reader) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnjifppcgdoacjkgnmkhphgfgdnkfjk [2021-09-10]
CHR Extension: (uBlock Origin) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-05]
CHR Extension: (Tabulky) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-30]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-09-30]
CHR Extension: (Unpaywall) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2021-08-01]
CHR Extension: (Web Scraper - Free Web Scraping) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2021-08-25]
CHR Extension: (Save to Pocket) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2020-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-10-06]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-10-06]
CHR Notifications: Profile 1 -> hxxps://mail.google.com
CHR Extension: (Prezentace) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-03]
CHR Extension: (Dokumenty) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-03]
CHR Extension: (Disk Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-03]
CHR Extension: (YouTube) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-03]
CHR Extension: (Tabulky) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-03]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-06]

Brave:
=======
BRA Profile: C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-07]
BRA Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-03-06]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-06]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-07]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-03-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-03-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-06]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-03-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2021-05-13] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{5A4E1D3D-D97D-487E-8A66-42533AC9D6B8} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-08-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [176568 2021-08-10] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 FrameServerMonitor; C:\WINDOWS\system32\FrameServerMonitor.dll [319488 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [319488 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 NPSMSvc; C:\WINDOWS\System32\npsm.dll [233472 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 NPSMSvc; C:\WINDOWS\SysWOW64\npsm.dll [163840 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 P9RdrService; C:\WINDOWS\system32\p9rdrservice.dll [122880 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2021-05-28] (Qualcomm Atheros, Inc. -> )
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3440440 2021-06-05] (Microsoft Windows -> Marvell Semiconductor Inc.)
S0 ebdrv0; C:\WINDOWS\System32\drivers\evbd0a.sys [3423032 2021-06-05] (Microsoft Windows -> QLogic Corporation)
S3 ExecutionContext; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [74224 2021-06-05] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [100176 2021-06-05] (Microsoft Windows -> Broadcom Inc)
S0 mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [87352 2021-06-05] (Microsoft Windows -> Broadcom Limited)
R3 MpKsl6a8e5467; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A17CCE4B-21B0-4CF7-A7DB-C7649073825D}\MpKslDrv.sys [130272 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [78152 2021-06-05] (Microsoft Windows -> )
S0 nvmedisk; C:\WINDOWS\System32\drivers\nvmedisk.sys [82240 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 Usb4DeviceRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_8d9a17bd8e5b4b11\Usb4DeviceRouter.sys [831800 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 Usb4HostRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_acb1b78bb0ae3528\Usb4HostRouter.sys [557368 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-05] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-06 08:59 - 2021-10-06 09:00 - 000052693 _____ C:\Users\lamas\Downloads\Addition.txt
2021-10-06 08:41 - 2021-10-06 09:03 - 000041547 _____ C:\Users\lamas\Downloads\FRST.txt
2021-10-06 08:41 - 2021-10-06 09:03 - 000000000 ____D C:\FRST
2021-10-06 08:40 - 2021-10-06 08:40 - 002308096 _____ (Farbar) C:\Users\lamas\Downloads\FRST64.exe
2021-10-06 08:23 - 2021-10-06 08:23 - 003412544 _____ C:\Users\lamas\Downloads\SS_Odinstalator.exe
2021-10-05 21:52 - 2021-10-05 21:52 - 031679995 _____ C:\Users\lamas\Downloads\arm64.appxsym
2021-10-05 21:52 - 2021-10-05 21:52 - 000001850 _____ C:\Users\lamas\Downloads\TranslucentTB.appinstaller
2021-10-05 21:47 - 2021-10-05 22:03 - 000000254 _____ C:\Users\lamas\AppData\Local\rtb.json
2021-10-05 21:46 - 2021-10-05 21:46 - 000000000 ____D C:\Tweaks
2021-10-05 21:44 - 2021-10-05 21:44 - 005056392 _____ C:\Users\lamas\Downloads\RoundedTB_R3.zip
2021-10-05 17:04 - 2021-10-05 17:04 - 003272671 _____ C:\Users\lamas\Downloads\Niki Lambropoulos - Educational Social Software for Context-Aware Learning_ Collaborative Methods and Human Interaction (Premier Reference Source) (2009) - libgen.lc.pdf
2021-10-05 12:31 - 2021-10-05 12:31 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-015006-000000.txt
2021-10-05 09:00 - 2021-10-05 09:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-05 08:58 - 2021-10-05 08:58 - 000000020 ___SH C:\Users\lamas\ntuser.ini
2021-10-05 08:57 - 2021-10-06 08:20 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{326694B8-4184-4BDD-88EA-DAA8C6D20B98}
2021-10-05 08:57 - 2021-10-05 12:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-05 08:57 - 2021-10-05 08:57 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-10-05 08:57 - 2021-10-05 08:57 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-10-05 08:57 - 2021-10-05 08:57 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-05 08:57 - 2021-10-05 08:57 - 000003420 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71741fe994e22
2021-10-05 08:57 - 2021-10-05 08:57 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003274 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-10-05 08:57 - 2021-10-05 08:57 - 000003196 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-10-05 08:57 - 2021-10-05 08:57 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-10-05 08:57 - 2021-10-05 08:57 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-10-05 08:57 - 2021-10-05 08:57 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-10-05 08:57 - 2021-10-05 08:57 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-10-05 08:57 - 2021-10-05 08:57 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-3376143671-3383002286-3793547419-1001
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-10-05 08:57 - 2020-01-06 21:36 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4142148808-3688044604-2645567298-500
2021-10-05 08:56 - 2021-10-05 12:36 - 001714958 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-05 08:54 - 2021-10-05 18:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-05 08:53 - 2021-10-05 08:57 - 000000000 ____D C:\Windows.old
2021-10-05 08:44 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-10-05 08:43 - 2021-10-05 08:58 - 000000000 ____D C:\Users\lamas
2021-10-05 08:43 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Šablony
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Soubory cookie
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Poslední
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Okolní tiskárny
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Okolní síť
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Nabídka Start
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Dokumenty
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Data aplikací
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\AppData\Local\Data aplikací
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 ____D C:\WINDOWS\Firmware
2021-10-05 08:43 - 2021-06-05 14:04 - 000001281 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-10-05 08:43 - 2021-06-05 14:04 - 000000407 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-10-05 08:42 - 2021-10-05 08:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 ___RD C:\WINDOWS\WebManagement
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files\MSBuild
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-10-05 08:29 - 2021-10-05 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-05 08:22 - 2021-10-05 13:44 - 000000000 ___DC C:\WINDOWS\Panther
2021-10-05 08:20 - 2021-10-05 08:22 - 000000036 _____ C:\WINDOWS\progress.ini
2021-10-05 08:06 - 2021-10-05 08:20 - 000000000 ___HD C:\$GetCurrent
2021-10-05 08:06 - 2021-10-05 08:20 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2021-10-02 12:54 - 2021-10-02 12:54 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-29 23:50 - 2021-09-29 23:50 - 000002370 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-09-28 11:22 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2021-09-28 11:19 - 2021-09-28 11:19 - 000000000 ____D C:\Riot Games
2021-09-28 10:10 - 2021-09-28 10:10 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-25 20:37 - 2021-09-25 20:37 - 000000000 ____D C:\Users\lamas\AppData\Local\Sentry
2021-09-16 20:08 - 2021-09-16 20:08 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-015005-000000.txt
2021-09-16 20:07 - 2021-09-17 07:42 - 000000000 ____D C:\Users\lamas\AppData\Local\Notepad
2021-09-16 18:58 - 2021-09-16 18:58 - 000000000 ___HD C:\$WinREAgent
2021-09-13 17:48 - 2021-09-13 17:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-09-13 17:41 - 2021-09-13 17:41 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-09-13 17:41 - 2021-09-13 17:41 - 000377136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-09-13 17:41 - 2021-09-13 17:41 - 000269112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-09-13 17:41 - 2021-09-13 17:41 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-09-13 17:41 - 2021-09-13 17:41 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-09-13 17:40 - 2021-09-13 17:40 - 002310384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 001856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 001745736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 000727584 _____ C:\WINDOWS\system32\TextShaping.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000617136 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000453120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-13 17:40 - 2021-09-13 17:40 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2021-09-13 17:40 - 2021-09-13 17:40 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2021-09-13 17:40 - 2021-09-13 17:40 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-09-13 17:40 - 2021-09-13 17:40 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-09-13 17:40 - 2021-09-13 17:40 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000014566 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-13 17:40 - 2021-09-13 17:40 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-09-13 17:40 - 2021-09-13 17:40 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-09-13 17:39 - 2021-09-13 17:39 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-13 17:39 - 2021-09-13 17:39 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-09-13 17:39 - 2021-09-13 17:39 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-09-13 17:39 - 2021-09-13 17:39 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-13 17:39 - 2021-09-13 17:39 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2021-09-12 15:57 - 2021-04-22 18:52 - 001790232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001790232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001386280 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001386280 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001096328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 001096328 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000949384 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000949384 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000613712 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000426832 _____ C:\WINDOWS\system32\ze_loader.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000308640 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000256056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000172048 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000147360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000143704 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-09-12 15:57 - 2021-04-22 18:51 - 026655552 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-09-12 15:57 - 2021-04-22 18:51 - 013486912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-09-12 15:57 - 2021-04-22 18:50 - 000326992 _____ C:\WINDOWS\system32\control_api.dll
2021-09-08 10:30 - 2021-09-09 10:28 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-09-06 10:11 - 2021-10-05 08:53 - 000000000 ____D C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2021-09-06 10:11 - 2021-09-30 15:58 - 000000000 ____D C:\Users\lamas\AppData\Local\DeepL_GmbH
2021-09-06 10:11 - 2021-09-06 10:11 - 000000000 ____D C:\Users\lamas\AppData\Local\DeepL
2021-09-06 10:11 - 2021-09-06 10:11 - 000000000 ____D C:\ProgramData\lamas
2021-09-06 10:10 - 2021-09-28 10:10 - 000000000 ____D C:\Program Files\Microsoft OneDrive

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-06 08:47 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-06 08:41 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2021-10-06 08:33 - 2020-04-03 17:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-06 08:32 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-10-06 08:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-06 08:15 - 2020-04-03 17:02 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-05 22:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-05 21:53 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-05 21:53 - 2020-04-03 16:11 - 000000000 ____D C:\Users\lamas\AppData\Local\Packages
2021-10-05 21:53 - 2020-01-07 21:45 - 000000000 ____D C:\ProgramData\Packages
2021-10-05 20:49 - 2021-07-19 16:12 - 000000000 ____D C:\Users\lamas\AppData\LocalLow\Mozilla
2021-10-05 18:44 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-05 13:24 - 2020-04-03 16:13 - 000000000 ____D C:\Users\lamas\AppData\Local\PlaceholderTileLogoFolder
2021-10-05 12:50 - 2020-04-04 13:54 - 000000000 ____D C:\Users\lamas\AppData\Local\D3DSCache
2021-10-05 12:49 - 2020-01-07 21:30 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-10-05 12:46 - 2020-04-03 16:13 - 000000000 ___RD C:\Users\lamas\OneDrive
2021-10-05 12:36 - 2021-06-05 19:20 - 000727326 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-05 12:36 - 2021-06-05 19:20 - 000151236 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-05 12:31 - 2021-08-05 14:08 - 000012288 ___SH C:\DumpStack.log.tmp
2021-10-05 12:31 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-05 12:31 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-05 12:31 - 2020-04-03 16:11 - 000000000 __SHD C:\Users\lamas\IntelGraphicsProfiles
2021-10-05 12:31 - 2020-01-07 21:26 - 000000000 ____D C:\Intel
2021-10-05 12:05 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing
2021-10-05 12:05 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-05 11:50 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-05 11:50 - 2020-01-06 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 08:58 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-05 08:58 - 2020-01-06 21:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Registration
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows NT
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-05 08:57 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-05 08:56 - 2021-03-06 22:52 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-10-05 08:55 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-05 08:55 - 2021-03-12 15:15 - 000027972 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-10-05 08:54 - 2021-06-05 14:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-05 08:54 - 2020-08-30 01:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-05 08:53 - 2021-08-25 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2021-10-05 08:53 - 2021-08-24 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2021-10-05 08:53 - 2021-08-07 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-05 08:53 - 2021-05-22 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-10-05 08:53 - 2021-04-02 13:13 - 000000000 ____D C:\WINDOWS\system32\Samsung
2021-10-05 08:53 - 2020-10-15 07:58 - 000000000 ____D C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-10-05 08:53 - 2020-05-31 05:01 - 000000000 ____D C:\Program Files\UNP
2021-10-05 08:53 - 2020-04-03 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-10-05 08:53 - 2020-04-03 17:06 - 000000000 ____D C:\Program Files\Intel
2021-10-05 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-10-05 08:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-05 08:47 - 2021-06-05 14:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-05 08:47 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-05 08:44 - 2021-08-25 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2021-10-05 08:43 - 2021-06-05 14:14 - 000000000 ____D C:\WINDOWS\Setup
2021-10-05 08:43 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-05 08:41 - 2021-06-05 19:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-10-05 08:41 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-05 08:40 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\OCR
2021-10-05 08:39 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-05 08:39 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-05 08:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-05 08:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-05 08:32 - 2020-07-19 04:16 - 000021968 _____ (Thales) C:\WINDOWS\system32\axaltocm.dll
2021-10-01 15:19 - 2020-01-06 21:29 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-29 18:10 - 2021-08-07 20:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-29 18:10 - 2021-07-19 16:12 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-28 14:56 - 2020-04-03 18:03 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-28 11:22 - 2020-01-07 21:29 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-09-28 11:21 - 2020-04-03 17:06 - 000000000 ____D C:\Program Files (x86)\Intel
2021-09-17 07:42 - 2021-08-05 13:25 - 000000000 ____D C:\Users\lamas\OneDrive\Dokumenty\Onenotové poznámkové bloky
2021-09-16 08:56 - 2020-04-04 18:31 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 08:56 - 2020-04-04 18:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System
2021-09-13 17:49 - 2021-06-05 19:28 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-09-13 17:49 - 2021-06-05 19:28 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-09-12 21:41 - 2021-08-07 20:30 - 000000000 ____D C:\Users\lamas\AppData\Roaming\obs-studio
2021-09-12 16:04 - 2020-04-20 18:33 - 000000000 ____D C:\Users\lamas\AppData\Local\ElevatedDiagnostics
2021-09-09 20:22 - 2021-07-19 16:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-09 10:28 - 2021-08-02 13:42 - 000001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-09-06 10:11 - 2020-04-03 17:38 - 000000000 ____D C:\Users\lamas\AppData\Local\SquirrelTemp

==================== Files in the root of some directories ========

2020-10-15 16:50 - 2020-10-20 01:51 - 000000330 _____ () C:\Users\lamas\AppData\Roaming\debug.log
2020-04-04 13:57 - 2021-08-04 21:46 - 000007659 _____ () C:\Users\lamas\AppData\Local\Resmon.ResmonCfg
2021-10-05 21:47 - 2021-10-05 22:03 - 000000254 _____ () C:\Users\lamas\AppData\Local\rtb.json
2021-10-05 21:47 - 2021-10-05 22:12 - 000016138 _____ () C:\Users\lamas\AppData\Local\rtb.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 17:41
od Rudy
OK. Teď spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 17:57
od Ohsen
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-06-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Tweaks

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3652 octets] - [06/10/2021 18:52:43]
AdwCleaner[S01].txt - [3713 octets] - [06/10/2021 18:53:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 18:48
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 19:09
od Ohsen
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2021
Ran by lamas (administrator) on MICHALZICH (Dell Inc. Inspiron 3593) (06-10-2021 20:01:36)
Running from C:\Users\lamas\Downloads
Loaded Profiles: lamas
Platform: Windows 10 Home Version 21H2 22000.194 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\Messenger.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2102.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <5>
(Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_f9e3e5f664173b9e\WavesSvc64.exe [1774688 2020-09-03] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-08-10] (Intel Corporation -> Intel)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\lamas\appdata\local\microsoft\teams\Update.exe [2455256 2021-09-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [] => [X]
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2019-10-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [DeepL] => C:\ProgramData\lamas\DeepL\app-2.9.2501\DeepL.exe [141360 2021-09-25] (DeepL GmbH -> DeepL GmbH)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\94.1.30.87\Installer\chrmstp.exe [2021-10-02] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:\WINDOWS\System32\StartTileData.dll [2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2020-10-02]
ShortcutTarget: GameRanger.lnk -> C:\Users\lamas\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
Startup: C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-10-05]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C064AF8-8AD7-44E3-8494-F37CABF8185D} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [110592 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {1252A84C-8F10-40E8-A3DB-1C30B0D37B16} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [118784 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {25DABF92-6809-41AD-AF36-12B2295DD266} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {2BEB8C7E-183F-4A18-AA7C-64DCD72C6F85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F735F1E-E2A4-4242-AF1F-74B14590B951} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\WINDOWS\system32\la57setup.exe [36864 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {318D7E32-98F1-42A1-A2C7-245BFDAFB513} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-08-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {39BDCE6C-3B60-491E-BA1F-E52FD29394DB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-08-20] (Dell Inc -> Dell Inc.)
Task: {3A931A9C-0407-4BA6-B090-AEF8B0522E82} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {42E1BD8F-7DEB-402C-98F4-820696DA968A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {4EBA7B35-9796-47FA-A58C-8F77822C3BFC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {5229D831-02A3-48A6-8FB4-021705B88EF8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551256 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B19304E-A302-4B5C-BB28-307DCB77498E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6C50FD2B-6E41-42D6-935F-9C649F38AB2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7AB72538-1652-4AC0-A87E-2124F9480E15} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7C3B27B7-1FEB-41C4-983A-C3F665914ED7} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {82670F64-033B-406A-ADD2-26A17FD5DB93} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [450560 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {83E7DBD0-3119-4213-BCA2-45AFD2B01447} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {865C1CC6-E229-485E-99D5-E296F45506C1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {8785D04A-9290-403F-A715-700A0E93F02D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {9D812998-1EF4-409C-94C3-E2AB030BEC2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {9E2723D6-BF78-4364-818F-4FAF85A00B83} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A113AD26-AA99-4C14-9101-6C53FDBA2241} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {A5E45BCC-DE8C-487B-8C49-9953CC47CF24} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A79BA140-4629-44DD-88F3-26A23688E8F2} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => %windir%\system32\rundll32.exe %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance
Task: {AD17FDCC-F3EF-44FF-B691-EDE9C07A616E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2A6AF0E-C246-4FA1-AF15-1249F99A2AC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729200 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEBEA9B6-E74E-4AD4-8430-4BB02D7A57E7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {C017E83D-7A42-41F0-AAF8-9346DF155FC7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {C0834920-9146-4692-9853-A7F05F35DFAB} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4103280 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6011FD0-35D2-4566-A99D-E2AE2CF1F091} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CB614C11-F9BE-4453-A14B-E4A135C8E09F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe
Task: {D154AD10-E56B-4E18-8A60-029A50919241} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D25DC36E-8E1C-4672-90F1-3D83D36FAA60} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {DBB429E7-5C23-4790-9AA6-C335979AB8CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {DF1F4569-AC0D-46CC-A0EA-324B5919E83A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E23CF514-6E2B-447F-8935-3731F13A3D01} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [450560 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {E86DB898-0B87-4F5B-B407-4627F86451DF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {ED476BAD-B100-4DE5-A82A-0A48AB6DC971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {EE923EBC-0FD5-44E3-8D1B-DAA50EE7ACC5} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\8F97F399-8A09-446E-8B52-42E097F5026B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {F21E75C8-2470-408B-90B9-0C16A9649589} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [200704 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {F307A1A1-A5C6-40CD-9256-98EDFFDB2C53} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {F41BE135-6BAF-4CA8-ACB2-91E67CAD3B21} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {F53E0D7C-E609-45DB-A4D8-326892F4FA38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\nlansp_c.dll [83456 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 07 C:\Windows\system32\nlansp_c.dll [126976 2021-06-05] (Microsoft Windows -> Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{02152c23-48b5-463b-b4fd-4ca2533077c5}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{0e3c8def-2bea-4880-94b8-3a133d0a4120}: [DhcpNameServer] 147.251.4.33 147.251.6.10
Tcpip\..\Interfaces\{92122bf3-6403-4cdc-9c9d-7846e2b069fd}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d9f01dc5-a066-4c6d-b3e4-f104e3c4edbb}: [DhcpNameServer] 147.251.4.33 147.251.6.10
Tcpip\..\Interfaces\{e17a547e-b113-4acb-9dab-233bde85000d}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{f4a69acf-a4da-4338-b893-ee6a8e33d2df}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\lamas\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-06]

FireFox:
========
FF DefaultProfile: ks9z3nnx.default
FF ProfilePath: C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\ks9z3nnx.default [2021-07-19]
FF ProfilePath: C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\gb77tiix.default-release [2021-09-29]
FF Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Roaming\Mozilla\Firefox\Profiles\gb77tiix.default-release\Extensions\support@lastpass.com.xpi [2021-08-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default [2021-10-06]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-08-17]
CHR Extension: (Prezentace) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-03]
CHR Extension: (Dokumenty) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-03]
CHR Extension: (Disk Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (DuckDuckGo) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-10-01]
CHR Extension: (YouTube) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-03]
CHR Extension: (DjVu Viewer and Reader) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnjifppcgdoacjkgnmkhphgfgdnkfjk [2021-09-10]
CHR Extension: (uBlock Origin) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-05]
CHR Extension: (Tabulky) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-30]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-09-30]
CHR Extension: (Unpaywall) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2021-08-01]
CHR Extension: (Web Scraper - Free Web Scraping) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2021-08-25]
CHR Extension: (Save to Pocket) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2020-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-10-06]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-10-06]
CHR Notifications: Profile 1 -> hxxps://mail.google.com
CHR Extension: (Prezentace) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-03]
CHR Extension: (Dokumenty) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-03]
CHR Extension: (Disk Google) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-03]
CHR Extension: (YouTube) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-03]
CHR Extension: (Tabulky) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\lamas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-03]
CHR Profile: C:\Users\lamas\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-06]

Brave:
=======
BRA Profile: C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-07]
BRA Extension: (LastPass: Free Password Manager) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-03-06]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-06]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-07]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-03-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-03-07]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-06]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-03-07]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\lamas\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-06] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2021-05-13] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3835424 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-08-02] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-28] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{5A4E1D3D-D97D-487E-8A66-42533AC9D6B8} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
S2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-08-10] (Intel Corporation -> Intel)
S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [176568 2021-08-10] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 FrameServerMonitor; C:\WINDOWS\system32\FrameServerMonitor.dll [319488 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [319488 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 NPSMSvc; C:\WINDOWS\System32\npsm.dll [233472 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 NPSMSvc; C:\WINDOWS\SysWOW64\npsm.dll [163840 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 P9RdrService; C:\WINDOWS\system32\p9rdrservice.dll [122880 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2021-05-28] (Qualcomm Atheros, Inc. -> )
S2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-08-20] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3440440 2021-06-05] (Microsoft Windows -> Marvell Semiconductor Inc.)
S0 ebdrv0; C:\WINDOWS\System32\drivers\evbd0a.sys [3423032 2021-06-05] (Microsoft Windows -> QLogic Corporation)
S3 ExecutionContext; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [61440 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [118784 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [74224 2021-06-05] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [100176 2021-06-05] (Microsoft Windows -> Broadcom Inc)
S0 mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [87352 2021-06-05] (Microsoft Windows -> Broadcom Limited)
S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [78152 2021-06-05] (Microsoft Windows -> )
S0 nvmedisk; C:\WINDOWS\System32\drivers\nvmedisk.sys [82240 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 Usb4DeviceRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_8d9a17bd8e5b4b11\Usb4DeviceRouter.sys [831800 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S3 Usb4HostRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_acb1b78bb0ae3528\Usb4HostRouter.sys [557368 2021-09-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-05] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-06 20:01 - 2021-10-06 20:01 - 002308096 _____ (Farbar) C:\Users\lamas\Downloads\FRST64.exe
2021-10-06 20:01 - 2021-10-06 20:01 - 000000000 ____D C:\Users\lamas\Downloads\FRST-OlderVersion
2021-10-06 18:52 - 2021-10-06 18:54 - 000000000 ____D C:\AdwCleaner
2021-10-06 18:52 - 2021-10-06 18:52 - 008553680 _____ (Malwarebytes) C:\Users\lamas\Downloads\adwcleaner_8.3.0.exe
2021-10-06 08:59 - 2021-10-06 09:07 - 000052682 _____ C:\Users\lamas\Downloads\Addition.txt
2021-10-06 08:41 - 2021-10-06 20:02 - 000036004 _____ C:\Users\lamas\Downloads\FRST.txt
2021-10-06 08:41 - 2021-10-06 20:01 - 000000000 ____D C:\FRST
2021-10-06 08:23 - 2021-10-06 08:23 - 003412544 _____ C:\Users\lamas\Downloads\SS_Odinstalator.exe
2021-10-05 21:52 - 2021-10-05 21:52 - 031679995 _____ C:\Users\lamas\Downloads\arm64.appxsym
2021-10-05 21:52 - 2021-10-05 21:52 - 000001850 _____ C:\Users\lamas\Downloads\TranslucentTB.appinstaller
2021-10-05 21:47 - 2021-10-05 22:03 - 000000254 _____ C:\Users\lamas\AppData\Local\rtb.json
2021-10-05 21:44 - 2021-10-05 21:44 - 005056392 _____ C:\Users\lamas\Downloads\RoundedTB_R3.zip
2021-10-05 17:04 - 2021-10-05 17:04 - 003272671 _____ C:\Users\lamas\Downloads\Niki Lambropoulos - Educational Social Software for Context-Aware Learning_ Collaborative Methods and Human Interaction (Premier Reference Source) (2009) - libgen.lc.pdf
2021-10-05 12:31 - 2021-10-05 12:31 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-015006-000000.txt
2021-10-05 09:00 - 2021-10-05 09:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-05 08:58 - 2021-10-05 08:58 - 000000020 ___SH C:\Users\lamas\ntuser.ini
2021-10-05 08:57 - 2021-10-06 14:48 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{326694B8-4184-4BDD-88EA-DAA8C6D20B98}
2021-10-05 08:57 - 2021-10-05 12:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-05 08:57 - 2021-10-05 08:57 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-10-05 08:57 - 2021-10-05 08:57 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-10-05 08:57 - 2021-10-05 08:57 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-05 08:57 - 2021-10-05 08:57 - 000003420 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-05 08:57 - 2021-10-05 08:57 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71741fe994e22
2021-10-05 08:57 - 2021-10-05 08:57 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003274 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-10-05 08:57 - 2021-10-05 08:57 - 000003196 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-05 08:57 - 2021-10-05 08:57 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-10-05 08:57 - 2021-10-05 08:57 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-10-05 08:57 - 2021-10-05 08:57 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-10-05 08:57 - 2021-10-05 08:57 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-10-05 08:57 - 2021-10-05 08:57 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-10-05 08:57 - 2021-10-05 08:57 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-3376143671-3383002286-3793547419-1001
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-05 08:57 - 2021-10-05 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-10-05 08:57 - 2020-01-06 21:36 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4142148808-3688044604-2645567298-500
2021-10-05 08:56 - 2021-10-05 12:36 - 001714958 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-05 08:54 - 2021-10-06 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-05 08:53 - 2021-10-05 08:57 - 000000000 ____D C:\Windows.old
2021-10-05 08:44 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-10-05 08:43 - 2021-10-05 08:58 - 000000000 ____D C:\Users\lamas
2021-10-05 08:43 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\Intel
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Šablony
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Soubory cookie
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Poslední
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Okolní tiskárny
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Okolní síť
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Nabídka Start
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Dokumenty
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\Data aplikací
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 _SHDL C:\Users\lamas\AppData\Local\Data aplikací
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 ____D C:\WINDOWS\system32\cAVS
2021-10-05 08:43 - 2021-10-05 08:43 - 000000000 ____D C:\WINDOWS\Firmware
2021-10-05 08:43 - 2021-06-05 14:04 - 000001281 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-10-05 08:43 - 2021-06-05 14:04 - 000000407 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-10-05 08:42 - 2021-10-05 08:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2021-10-05 08:41 - 2021-10-05 08:41 - 000000000 ___RD C:\WINDOWS\WebManagement
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files\MSBuild
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-10-05 08:34 - 2021-10-05 08:34 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-10-05 08:29 - 2021-10-05 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-05 08:22 - 2021-10-06 19:15 - 000000000 ___DC C:\WINDOWS\Panther
2021-10-05 08:20 - 2021-10-05 08:22 - 000000036 _____ C:\WINDOWS\progress.ini
2021-10-05 08:06 - 2021-10-05 08:20 - 000000000 ___HD C:\$GetCurrent
2021-10-05 08:06 - 2021-10-05 08:20 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2021-10-02 12:54 - 2021-10-02 12:54 - 000002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-29 23:50 - 2021-09-29 23:50 - 000002370 _____ C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-09-28 11:22 - 2021-10-05 08:53 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
2021-09-28 11:19 - 2021-09-28 11:19 - 000000000 ____D C:\Riot Games
2021-09-28 10:10 - 2021-09-28 10:10 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-25 20:37 - 2021-09-25 20:37 - 000000000 ____D C:\Users\lamas\AppData\Local\Sentry
2021-09-16 20:08 - 2021-09-16 20:08 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-015005-000000.txt
2021-09-16 20:07 - 2021-09-17 07:42 - 000000000 ____D C:\Users\lamas\AppData\Local\Notepad
2021-09-16 18:58 - 2021-09-16 18:58 - 000000000 ___HD C:\$WinREAgent
2021-09-13 17:48 - 2021-09-13 17:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-09-13 17:48 - 2021-09-13 17:48 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-09-13 17:41 - 2021-09-13 17:41 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-09-13 17:41 - 2021-09-13 17:41 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-09-13 17:41 - 2021-09-13 17:41 - 000377136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-09-13 17:41 - 2021-09-13 17:41 - 000269112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-09-13 17:41 - 2021-09-13 17:41 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-09-13 17:41 - 2021-09-13 17:41 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-09-13 17:41 - 2021-09-13 17:41 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-09-13 17:40 - 2021-09-13 17:40 - 002310384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 001856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 001745736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-13 17:40 - 2021-09-13 17:40 - 000727584 _____ C:\WINDOWS\system32\TextShaping.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000617136 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000453120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-13 17:40 - 2021-09-13 17:40 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2021-09-13 17:40 - 2021-09-13 17:40 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2021-09-13 17:40 - 2021-09-13 17:40 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-09-13 17:40 - 2021-09-13 17:40 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-09-13 17:40 - 2021-09-13 17:40 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-09-13 17:40 - 2021-09-13 17:40 - 000014566 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-13 17:40 - 2021-09-13 17:40 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-09-13 17:40 - 2021-09-13 17:40 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-09-13 17:39 - 2021-09-13 17:39 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-13 17:39 - 2021-09-13 17:39 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-09-13 17:39 - 2021-09-13 17:39 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-09-13 17:39 - 2021-09-13 17:39 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-13 17:39 - 2021-09-13 17:39 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2021-09-12 15:57 - 2021-04-22 18:52 - 001790232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001790232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001386280 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001386280 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-12 15:57 - 2021-04-22 18:52 - 001096328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 001096328 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000949384 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000949384 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000613712 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000426832 _____ C:\WINDOWS\system32\ze_loader.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000308640 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000256056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000172048 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000147360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-09-12 15:57 - 2021-04-22 18:52 - 000143704 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-09-12 15:57 - 2021-04-22 18:51 - 026655552 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-09-12 15:57 - 2021-04-22 18:51 - 013486912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-09-12 15:57 - 2021-04-22 18:50 - 000326992 _____ C:\WINDOWS\system32\control_api.dll
2021-09-08 10:30 - 2021-09-09 10:28 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-09-06 10:11 - 2021-10-05 08:53 - 000000000 ____D C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2021-09-06 10:11 - 2021-09-30 15:58 - 000000000 ____D C:\Users\lamas\AppData\Local\DeepL_GmbH
2021-09-06 10:11 - 2021-09-06 10:11 - 000000000 ____D C:\Users\lamas\AppData\Local\DeepL
2021-09-06 10:11 - 2021-09-06 10:11 - 000000000 ____D C:\ProgramData\lamas
2021-09-06 10:10 - 2021-09-28 10:10 - 000000000 ____D C:\Program Files\Microsoft OneDrive

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-06 19:55 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-06 19:51 - 2021-07-19 16:12 - 000000000 ____D C:\Users\lamas\AppData\LocalLow\Mozilla
2021-10-06 19:20 - 2020-04-03 17:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-06 19:15 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-10-06 19:09 - 2020-01-07 21:30 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2021-10-06 18:59 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2021-10-06 18:58 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Registration
2021-10-06 08:19 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-06 08:15 - 2020-04-03 17:02 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-05 22:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-05 21:53 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-05 21:53 - 2020-04-03 16:11 - 000000000 ____D C:\Users\lamas\AppData\Local\Packages
2021-10-05 21:53 - 2020-01-07 21:45 - 000000000 ____D C:\ProgramData\Packages
2021-10-05 18:44 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-05 13:24 - 2020-04-03 16:13 - 000000000 ____D C:\Users\lamas\AppData\Local\PlaceholderTileLogoFolder
2021-10-05 12:50 - 2020-04-04 13:54 - 000000000 ____D C:\Users\lamas\AppData\Local\D3DSCache
2021-10-05 12:46 - 2020-04-03 16:13 - 000000000 ___RD C:\Users\lamas\OneDrive
2021-10-05 12:36 - 2021-06-05 19:20 - 000727326 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-05 12:36 - 2021-06-05 19:20 - 000151236 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-05 12:31 - 2021-08-05 14:08 - 000012288 ___SH C:\DumpStack.log.tmp
2021-10-05 12:31 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-05 12:31 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-05 12:31 - 2020-04-03 16:11 - 000000000 __SHD C:\Users\lamas\IntelGraphicsProfiles
2021-10-05 12:31 - 2020-01-07 21:26 - 000000000 ____D C:\Intel
2021-10-05 12:05 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing
2021-10-05 12:05 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-05 11:50 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-05 11:50 - 2020-01-06 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 08:58 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-05 08:58 - 2020-01-06 21:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows NT
2021-10-05 08:57 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-05 08:57 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-05 08:56 - 2021-03-06 22:52 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-10-05 08:55 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-05 08:55 - 2021-03-12 15:15 - 000027972 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-10-05 08:54 - 2021-06-05 14:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-05 08:54 - 2020-08-30 01:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-05 08:53 - 2021-08-25 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2021-10-05 08:53 - 2021-08-24 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2021-10-05 08:53 - 2021-08-07 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-05 08:53 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-05 08:53 - 2021-05-22 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-10-05 08:53 - 2021-04-02 13:13 - 000000000 ____D C:\WINDOWS\system32\Samsung
2021-10-05 08:53 - 2020-10-15 07:58 - 000000000 ____D C:\Users\lamas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-10-05 08:53 - 2020-05-31 05:01 - 000000000 ____D C:\Program Files\UNP
2021-10-05 08:53 - 2020-04-03 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-10-05 08:53 - 2020-04-03 17:06 - 000000000 ____D C:\Program Files\Intel
2021-10-05 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-10-05 08:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-05 08:47 - 2021-06-05 14:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-05 08:47 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-05 08:44 - 2021-08-25 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2021-10-05 08:43 - 2021-06-05 14:14 - 000000000 ____D C:\WINDOWS\Setup
2021-10-05 08:43 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-05 08:41 - 2021-06-05 19:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-10-05 08:41 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-05 08:40 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\OCR
2021-10-05 08:39 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-05 08:39 - 2021-06-05 19:28 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-05 08:39 - 2021-06-05 19:20 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-05 08:39 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-05 08:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-05 08:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-05 08:32 - 2020-07-19 04:16 - 000021968 _____ (Thales) C:\WINDOWS\system32\axaltocm.dll
2021-10-01 15:19 - 2020-01-06 21:29 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-29 18:10 - 2021-08-07 20:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-29 18:10 - 2021-07-19 16:12 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-28 14:56 - 2020-04-03 18:03 - 000000000 ____D C:\ProgramData\Riot Games
2021-09-28 11:22 - 2020-01-07 21:29 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {d8170687-85fa-4716-bafd-087205d0db72}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {29d6077f-6adb-42de-abac-1c60aeb0e237}
2021-09-28 11:21 - 2020-12-29 19:05 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2021-09-28 11:21 - 2020-04-03 17:06 - 000000000 ____D C:\Program Files (x86)\Intel
2021-09-17 07:42 - 2021-08-05 13:25 - 000000000 ____D C:\Users\lamas\OneDrive\Dokumenty\Onenotové poznámkové bloky
2021-09-16 08:56 - 2020-04-04 18:31 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 08:56 - 2020-04-04 18:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-13 17:50 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System
2021-09-13 17:49 - 2021-06-05 19:28 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-09-13 17:49 - 2021-06-05 19:28 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-09-12 21:41 - 2021-08-07 20:30 - 000000000 ____D C:\Users\lamas\AppData\Roaming\obs-studio
2021-09-12 16:04 - 2020-04-20 18:33 - 000000000 ____D C:\Users\lamas\AppData\Local\ElevatedDiagnostics
2021-09-09 20:22 - 2021-07-19 16:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-09 10:28 - 2021-08-02 13:42 - 000001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-09-06 10:11 - 2020-04-03 17:38 - 000000000 ____D C:\Users\lamas\AppData\Local\SquirrelTemp

==================== Files in the root of some directories ========

2020-10-15 16:50 - 2020-10-20 01:51 - 000000330 _____ () C:\Users\lamas\AppData\Roaming\debug.log
2020-04-04 13:57 - 2021-08-04 21:46 - 000007659 _____ () C:\Users\lamas\AppData\Local\Resmon.ResmonCfg
2021-10-05 21:47 - 2021-10-05 22:03 - 000000254 _____ () C:\Users\lamas\AppData\Local\rtb.json
2021-10-05 21:47 - 2021-10-05 22:12 - 000016138 _____ () C:\Users\lamas\AppData\Local\rtb.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


=======================================================================================================================================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2021
Ran by lamas (06-10-2021 20:05:17)
Running from C:\Users\lamas\Downloads
Windows 10 Home Version 21H2 22000.194 (X64) (2021-10-05 06:57:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3376143671-3383002286-3793547419-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3376143671-3383002286-3793547419-503 - Limited - Disabled)
Guest (S-1-5-21-3376143671-3383002286-3793547419-501 - Limited - Disabled)
lamas (S-1-5-21-3376143671-3383002286-3793547419-1001 - Administrator - Enabled) => C:\Users\lamas
WDAGUtilityAccount (S-1-5-21-3376143671-3383002286-3793547419-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 94.1.30.87 - Autoři prohlížeče Brave)
DeepL (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\DeepL) (Version: 2.9.2501 - DeepL GmbH)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{0B5978E6-D912-4E4F-B117-A164F68BC95C}) (Version: 3.0.9346 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.9.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{9EF0AEB0-9AD2-40E6-8667-D7520C508941}) (Version: 3.10.3.3 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{90BC69B6-C3DD-45E3-B2EE-354635A0329B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameRanger (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.71 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
Intel Driver && Support Assistant (HKLM-x32\...\{BC82D1AD-802A-4733-BB90-A8E59AB8434A}) (Version: 21.5.33.3 - Intel) Hidden
Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10600.20700 - Intel Corporation)
Intel(R) Dynamic Tuning Technology (HKLM-x32\...\{7a82309b-956d-4788-8207-25897660c3d6}) (Version: 8.7.10400.15556 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{9454a0e6-0762-48ec-b153-2a75b252d1fb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2110.15.0.2210 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b09ce953-882c-4131-a693-2e1d73b1e50d}) (Version: 21.5.33.3 - Intel)
Intel® System Usage Report for gameplay.intel.com (HKLM-x32\...\{9eaf9956-0255-4764-87e4-2ccfc18920c6}) (Version: 2.0.1901 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{C7BC60AB-23E3-4F47-8FBE-283937D010AA}) (Version: 2.1.2106.23002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14430.20234 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14430.20234 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 90.0.2 (x64 cs)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.12.0 - Mozilla)
Mozilla Thunderbird 78.14.0 (x64 cs) (HKLM\...\Mozilla Thunderbird 78.14.0 (x64 cs)) (Version: 78.14.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenVPN 2.4.8-I602-Win10 (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1285 - Microsoft Corporation)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10527 - Qualcomm)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Název společnosti:)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.4.353.0_x64__ynb6jyjzte8ga [2021-07-19] (Adobe Inc.)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2020-10-02] (Canon Inc.)
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.3.57.0_x64__2dgmkzkw4h30c [2021-07-30] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-25] (Dell Inc)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.9.11.0_x64__htrsf667h5kn2 [2021-10-05] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.6.0_x64__htrsf667h5kn2 [2021-10-05] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-03] (Dell Inc)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-13] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-04-03] (Dropbox Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1020.0_x64__8j3eq9eme6ctt [2021-09-03] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt [2021-10-05] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [MS Ad]
Microsoft Teams -> C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.53.42632.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [Startup Task]
Microsoft.UI.Xaml.CBS -> C:\Windows\SystemApps\Microsoft.UI.Xaml.CBS_8wekyb3d8bbwe [2021-10-05] (Microsoft Platform Extensions)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-07] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-23] (Netflix, Inc.)
OneDrive -> C:\Program Files\Microsoft OneDrive\21.180.0905.0007 [2021-10-05] (0)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-22] (INTEL CORP) [Startup Task]
Paint -> C:\Program Files\WindowsApps\Microsoft.Paint_10.2104.17.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_1.0.65.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.2032.0_x64__qbz5n2kfra8p0 [2021-09-02] (Python Software Foundation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-28] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-10-02] (Samsung Electronics Co. Ltd.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-16] (Rivet Networks LLC)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-03] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0 [2021-10-03] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2020-04-03] (Microsoft Corporation)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.4.0.0_x64__v826wp6bftszj [2021-10-05] (Charles Milette) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-10-05] (Twitter Inc.)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2020-01-07] (Waves Audio)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2021-08-02] (Matt Hafner)
Windows Notepad -> C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_10.2102.13.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Windows Terminal -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.6.10571.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation) [Startup Task]
Windows Web Experience Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20031.315.0_x64__cw5n1h2txyewy [2021-10-05] (Microsoft Windows)
Xbox -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2105.900.24.0_x64__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)
Zabezpečení Windows -> C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.22000.1.0_neutral__8wekyb3d8bbwe [2021-10-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lamas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\lamas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-17] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-03-17] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-05 11:55 - 2021-10-05 11:55 - 054230016 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\addon.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\keytar.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\logging.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\systeminfo.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2021-10-05 11:55 - 2021-10-05 11:55 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.storage.node
2021-10-05 11:55 - 2021-10-05 11:55 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nvdimm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{53966cb1-4d46-4166-bf23-c522403cd495} => ""="ScmDisk"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=DCTE
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> DefaultScope {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-04-20 16:01 - 2020-04-20 16:09 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 147.251.6.10 - 147.251.4.33
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\StartupApproved\Run: => "Samsung DeX"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DF8EA1ED-ACA0-439B-872D-209B4894A530}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{8E2ECAA9-75BF-45C2-A02F-18DF05EDA64D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{787DF416-35EC-4E48-8A30-22ADE10ECD5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{37AAF221-B8F7-450C-8AE7-3A9292D15513}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{628561A8-5230-42CD-8902-1EA7C114BB5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E2CA783-234A-455F-95C8-04E98A3D6CDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A1009C6F-674A-4B2D-9CF9-D7237ADCB610}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7BC41BE-64EC-4A71-9935-42F69966CBD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{431585BF-A50B-42EA-A748-B091B62F9A45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9521962B-7EA3-44B0-ACB7-9387A0FB4E12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5F4CE184-728C-4C59-8DDB-959DEA18FB14}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{938F4FDC-1631-486D-956E-2A25087A594C}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{22707A19-5CE0-4B21-86DE-F5A25BD03414}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FDD17D8F-ABEB-4B40-ABBA-E9FF52024086}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{04F4D7B3-3336-4610-8D4B-835BA4828C9E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{5E5EDFA7-249F-4E2B-8D54-0585D5F9395F}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{85B1D622-1450-4870-9821-2AC8B7D39725}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{338CBE1F-3F1B-42C2-B7DA-308B7F09836B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{8539728C-2348-43B9-9ED4-D5B9E75BC5F9}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{396C4446-8F87-4727-8CBA-31F5389AB30F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5015870-A41F-441A-A460-31B17F3D9A5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8E31D1E-2AA5-4E03-9F4F-0A8F933707DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C6030D3B-F545-4CAD-A2C9-8177EDEA6A9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F72139C8-26E2-4AAF-B3DC-6736D20599BD}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{487E6031-DA3E-4F97-9785-0E884982B979}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{46BDAF38-2B2B-4024-807A-2A7693BC3406}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{E1231E67-4ED3-460A-9FDC-DDE9467F825E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{ED154544-9B3C-4248-BC75-F93691E86D95}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{46A5DC10-44C4-4768-A33B-948B8E71B1F2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{97CEBAA3-6B35-42A5-9632-A422FB2B30C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9D25793F-48B8-43DF-9D84-76121F07AF89}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{20C4BDC7-3352-4B2D-BCD4-6A4B0D38679B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{513F147B-0669-4368-84DC-6E32F707CA8B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{943677B6-CB3B-471A-8232-B3633202E62D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63B72462-4CA0-4978-8262-A271247BB8C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3D0D964E-927F-4D6B-8C40-930C3B8AAB6F}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B1278C38-464B-4C9E-9CE6-C09A04C9897F}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{375C42A3-8E60-43B7-A0CB-156074E4F272}C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{DC5494FD-FBDC-4BDD-A498-BA5CE96D1ADA}C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lamas\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{7906EBF8-8972-4529-A2D3-67A72B18F322}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{B9AA09A8-8426-4730-AFBA-B46F0B0D5847}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{856E3A1A-3E52-40DF-A723-04B469A1087D}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E8582FFB-4086-4215-96B9-88A422027158}C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lamas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E7DF0DE-FE01-4F3C-B370-2C4BEECCEF4C}] => (Allow) C:\Users\lamas\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F03BC4E9-1F6C-42B3-885B-9B49F7644EB2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C89BE2A6-6EE7-447F-B57E-415C9141E306}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C81B4A4-C6E1-4FE1-9B79-60B91B0C1A95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:220.92 GB) (Free:41.59 GB) (19%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/06/2021 01:38:38 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/06/2021 01:32:36 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/05/2021 10:12:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RoundedTB.exe, verze: 1.0.0.0, časové razítko: 0xe50724bd
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.132, časové razítko: 0xf5a91e93
Kód výjimky: 0xc000041d
Posun chyby: 0x0013e7b2
ID chybujícího procesu: 0x3668
Čas spuštění chybující aplikace: 0x01d7ba21c6b2e7e5
Cesta k chybující aplikaci: C:\Tweaks\RoundedTB_R3\RoundedTB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f13be3c3-e570-4fc8-aaa5-bcd0a507188f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/05/2021 10:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RoundedTB.exe, verze: 1.0.0.0, časové razítko: 0xe50724bd
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.132, časové razítko: 0xf5a91e93
Kód výjimky: 0xe0434352
Posun chyby: 0x0013e7b2
ID chybujícího procesu: 0x3668
Čas spuštění chybující aplikace: 0x01d7ba21c6b2e7e5
Cesta k chybující aplikaci: C:\Tweaks\RoundedTB_R3\RoundedTB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6f255185-70d0-4b9f-aecf-327992f76304
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/05/2021 10:12:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: RoundedTB.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.OutOfMemoryException
na System.Windows.Media.Composition.DUCE+Channel.SyncFlush()
na System.Windows.Media.MediaContext.CompleteRender()
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (10/05/2021 10:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MiniSearchHost.exe, verze: 421.21000.0.0, časové razítko: 0x6102fc94
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22000.132, časové razítko: 0xf9ab3e3e
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010a4f4
ID chybujícího procesu: 0x3bbc
Čas spuštění chybující aplikace: 0x01d7b9db6c7cda4c
Cesta k chybující aplikaci: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 326b991c-2218-47d7-a211-75dcdee5bc14
Úplný název chybujícího balíčku: MicrosoftWindows.Client.CBS_1000.22000.194.0_x64__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: MiniSearchUI

Error: (10/05/2021 09:35:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program googleChatElectron.exe verze 2.3.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 40b4

Čas spuštění: 01d7ba1f747f5ec6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\37781ZooInc.GChatforDesktop_1.0.9.0_x64__xb7zxn0ry2ahe\app\googleChatElectron.exe

ID hlášení: 672e998e-d3e4-4214-93c1-6b51b7f60ade

Úplný název balíčku s chybou: 37781ZooInc.GChatforDesktop_1.0.9.0_x64__xb7zxn0ry2ahe

ID aplikace relativní podle balíčku s chybou: googleChatElectron

Typ zablokování: Quiesce

Error: (10/05/2021 12:47:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.22000.120 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c40

Čas spuštění: 01d7b9d4372b8a3c

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 4bce047e-66f5-4ca4-9b97-df254a9ec158

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread


System errors:
=============
Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Hardware Support byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dell Data Vault Collector byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/06/2021 06:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================Event[0]

Date: 2021-10-06 18:47:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Název: PUA:Win32/Seznam
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\OneDriveTemp\S-1-5-21-3376143671-3383002286-3793547419-1001\83B617378ACAA294!103-83B617378ACAA294!34051-83B617378ACAA294!32746-a4ff5f23d48ed826925beee5b6aec78df81e946a.temp
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: MICHALZICH\lamas
Název procesu: C:\Program Files\Microsoft OneDrive\OneDrive.exe
Verze bezpečnostních informací: AV: 1.349.2033.0, AS: 1.349.2033.0, NIS: 1.349.2033.0
Verze modulu: AM: 1.1.18600.4, NIS: 1.1.18600.4 ਍
Event[1]

Date: 2021-10-06 18:37:04
Description:
N/A
Event[2]

Date: 2021-10-06 18:27:28
Description:
N/A
Event[3]

Date: 2021-10-06 18:17:12
Description:
N/A
Event[4]

Date: 2021-10-06 18:07:04
Description:
N/A

==================== Memory info ===========================

BIOS: Dell Inc. 1.17.0 07/27/2021
Motherboard: Dell Inc. 04N9HV
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 87%
Total physical RAM: 7959.47 MB
Available physical RAM: 989.73 MB
Total Virtual: 23319.47 MB
Available Virtual: 12796.89 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.92 GB) (Free:41.59 GB) NTFS

\\?\Volume{97ae6464-aadf-4cc3-9575-24f7ecdebe59}\ () (Fixed) (Total:1.07 GB) (Free:0.08 GB) NTFS
\\?\Volume{04f176fb-f1e2-463e-9ae3-c387df39b9d4}\ (IMAGE) (Fixed) (Total:13.88 GB) (Free:0.15 GB) NTFS
\\?\Volume{7628162a-900c-4052-b2db-5ae32c638466}\ (DELLSUPPORT) (Fixed) (Total:1.72 GB) (Free:0.83 GB) NTFS
\\?\Volume{7a9cb0af-6ad2-4051-993e-7fe1d39e629b}\ (ESP) (Fixed) (Total:0.73 GB) (Free:0.64 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1F5EF3A0)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 19:57
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {DBB429E7-5C23-4790-9AA6-C335979AB8CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {ED476BAD-B100-4DE5-A82A-0A48AB6DC971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> DefaultScope {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
C:\OneDriveTemp\S-1-5-21-3376143671-3383002286-3793547419-1001\83B617378ACAA294!103-83B617378ACAA294!34051-83B617378ACAA294!32746-a4ff5f23d48ed826925beee5b6aec78df81e946a.temp

EmptyTemp:
End
Uložte do C:\Users\lamas\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 06 říj 2021 21:00
od Ohsen
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2021
Ran by lamas (06-10-2021 21:56:04) Run:1
Running from C:\Users\lamas\Downloads
Loaded Profiles: lamas
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\...\Run: [] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {DBB429E7-5C23-4790-9AA6-C335979AB8CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Task: {ED476BAD-B100-4DE5-A82A-0A48AB6DC971} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> DefaultScope {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
SearchScopes: HKU\S-1-5-21-3376143671-3383002286-3793547419-1001 -> {AB93DFC2-045F-4F4B-932A-09AA92221FF3} URL =
C:\OneDriveTemp\S-1-5-21-3376143671-3383002286-3793547419-1001\83B617378ACAA294!103-83B617378ACAA294!34051-83B617378ACAA294!32746-a4ff5f23d48ed826925beee5b6aec78df81e946a.temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBB429E7-5C23-4790-9AA6-C335979AB8CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBB429E7-5C23-4790-9AA6-C335979AB8CB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED476BAD-B100-4DE5-A82A-0A48AB6DC971}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED476BAD-B100-4DE5-A82A-0A48AB6DC971}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3376143671-3383002286-3793547419-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB93DFC2-045F-4F4B-932A-09AA92221FF3} => removed successfully
"C:\OneDriveTemp\S-1-5-21-3376143671-3383002286-3793547419-1001\83B617378ACAA294!103-83B617378ACAA294!34051-83B617378ACAA294!32746-a4ff5f23d48ed826925beee5b6aec78df81e946a.temp" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19102884 B
Java, Flash, Steam htmlcache => 196377675 B
Windows/system/drivers => 311354 B
Edge => 118843 B
Chrome => 2110103769 B
Brave => 25777765 B
Firefox => 255265326 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 944454 B
systemprofile32 => 944454 B
LocalService => 944454 B
NetworkService => 948832 B
lamas => 8757452 B

RecycleBin => 13673078 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:57:29 ====

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 07 říj 2021 09:40
od Rudy
Smazáno. Nastala nějaká změna?

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 07 říj 2021 11:20
od Ohsen
Dobrý den, hláška mi již v Historii ochrany nevyskakuje. Moc děkuji za pomoc!

Re: Nalezena potencionálně nežádoucí aplikace

Napsal: 07 říj 2021 14:26
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz