Stránka 1 z 1

prosba preventivní kontrola

Napsal: 17 bře 2022 14:49
od Dzura
Zdravím,
prosím o kontrolu logu. V ntb jsem upgradoval RAM i pevný disk na velice slušnou úroveň pro kancelářskou práci, ale stále "funí" a strašně hřeje. O to více se to zhoršilo po aktualizaci na W11, kdy již několik měsíců velice pomálu funguje načítání synchronizovaných složek přes Onedrive.
Řeším tedy, zda přeinstalovat windows a tím vyčistit, nebo jestli se mně tu něco neskrývá.
Děkuji


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApntEx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> ) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe <7>
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Users\jirik\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\webextensions\PAD.BrowserNativeMessageHost.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\jirik\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) ("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Broadcom Inc -> ) C:\Windows\System32\bcmUshUpgradeService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostControlService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostStorageService.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_datamgr64.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_eventmgr64.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_f629911085770af0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Microsoft Search in Bing\MicrosoftSearchInBing.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 7\activation-service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\jirik\AppData\Local\Microsoft\OneDrive\22.050.0306.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe [1343072 2021-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-13] (CANON INC. -> CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951232 2020-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2022-02-22] (Intel Corporation -> Intel)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jirik\AppData\Local\Microsoft\Teams\Update.exe [2492176 2022-03-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\ZPS 19 CZ\Program32\ZPSTRAY.EXE [790512 2020-05-04] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2455256 2021-11-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Uninstall 21.050.0310.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\21.050.0310.0001\amd64"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Uninstall 21.050.0310.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\21.050.0310.0001"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Hewlett-Packard) [File not signed]
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2017-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [90112 2018-09-27] (Xerox Corporation) [File not signed]
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\Windows\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\PDFsam Enhanced 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2021-11-23] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [43584 2021-04-21] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\...\Print\Monitors\Status Monitor Language Monitor for Dell 2155cn Color MFP PCL6: C:\Windows\system32\DLXGIZIL.DLL [185344 2012-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.74\Installer\chrmstp.exe [2022-03-17] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-09-21]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02A5D236-9513-4989-8C02-1ABC1051190C} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification Logon => C:\Program Files\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {03DF2AB2-048D-4649-B345-8E5AC722D822} - System32\Tasks\S-1-12-1-3063163100-1313087218-1108411322-350980306\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (No File)
Task: {06C76325-0E4D-4D6F-997E-D01315A70C6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C6FC58D-61E8-42F0-95D5-856ACA70039A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0F9C3379-9329-49AC-9B62-08AAAA2D24BA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {11789747-9262-434F-8EA9-9ED9BF398345} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-17] (Avast Software s.r.o. -> Avast Software)
Task: {157A4F78-2B7D-41C9-A118-3D8EFEFFD0E4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {198103C4-3E81-43FA-BD88-40A491DEB567} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification => C:\Program Files\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {1DFB14A4-D5FD-49C6-819E-BEB4D2D5A5AB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-11-15] (Dell Inc -> Dell Inc.)
Task: {2372FA22-7C35-459E-AA50-3DF758A7A768} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3876480C-0653-4052-A62D-654DE6ABF894} - System32\Tasks\PowerToys\Autorun for jirik => C:\Program Files\PowerToys\PowerToys.exe [1028488 2022-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B0DFDD1-0286-4D69-8E7B-BDF415BFC4E2} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\Update => C:\Program Files\PDFsam Enhanced 7\sam.exe [3418520 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {457B6D49-948E-41C5-B603-E19884E5448B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F4D05F-A755-4C8E-8E4F-728215E18966} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {592186CA-B55C-47A4-B050-725974938F68} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {63AABD32-AED0-4FD3-8DF4-5F96284C934C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {6D781464-7C25-474F-A7B6-E6B6B11C1153} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7576D4BD-18CB-4002-B2BB-E5CD0E59DC73} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75D62E8F-0B42-41FB-A186-65AE866700B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D695D0D-7798-4A4D-A109-5F4676DED0AA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {8145331A-C6B8-4DE5-89EC-85790D76C890} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BEF427B-8263-49BB-B3A5-5ADA19051374} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (No File)
Task: {9653903F-7F36-4592-86A4-CDB77AF0EC76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {9DF2EB2A-4D17-4330-9461-5D8C793C9D5B} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {A0CD714F-F37C-4D18-AE78-8FE626BF57AD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992280 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
Task: {A4A59830-F4D3-470F-A8F9-D769207846C0} - System32\Tasks\S-1-5-21-315978714-1530173223-4211313467-1723\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (No File)
Task: {A50EA7C3-0DCF-49E7-A2D4-3A150B0C4EF9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1596312 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A67DE7FE-597C-4C26-933A-C12A2FCB2988} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {BA5D0DF0-76C5-422E-958D-42D9295EAC70} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BE823640-6AAD-4ED2-96D0-CAC1743110C7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CBE4F2F1-18C7-4014-AB35-E499C632AE7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Dell SupportAssistAgent AutoUpdate" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7ba36d77c6604" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-1664701216-379068115-2624813269-1001" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-12-1-3063163100-1313087218-1108411322-350980306" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1664701216-379068115-2624813269-1001" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-315978714-1530173223-4211313467-1723" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\USER_ESRV_SVC_QUEENCREEK" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(27): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D33C55C1-8581-4987-A22C-4D895D3755AB} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4103816 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {D80D1755-9351-4A8F-A710-6DA326683455} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8E42D54-9A12-4297-BE9D-9C1F89F69A64} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E4F908C6-AF91-45D5-A64F-628C50B9F75E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {F59760A0-6004-43FD-A1BB-2B125C319D12} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {FBFBC443-BF92-4E2A-8DBB-936B722BF7AB} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {FC5082FB-5D42-415B-98EC-B85F62285365} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 172.16.0.1
Tcpip\..\Interfaces\{3b8ddc94-c4f5-424a-8372-5cf90ed6e3f8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4b130dab-321a-4041-b525-8add95e0427b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d45d8283-cba9-48e4-9593-148fb376ca32}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e1735eeb-c22d-48f4-a9b6-d3386b227d21}: [DhcpNameServer] 192.168.77.162
Tcpip\..\Interfaces\{e7ca5f04-a2ac-4010-ab60-1506a47d728f}: [DhcpNameServer] 172.16.0.1

Edge:
=======
Edge Profile: C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-17]
Edge Extension: (Microsoft Power Automate) - C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2022-02-15]
Edge HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1664701216-379068115-2624813269-1001: @kb-ext.cz/PKIComponent -> C:\Users\jirik\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2020-12-03] (KOMERCNI BANKA A.S. -> Komerční banka, a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default [2022-03-17]
CHR Notifications: Default -> hxxps://app.freelo.cz; hxxps://app.gotowebinar.com; hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://messages.google.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://10.1.10.90/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-21]
CHR Extension: (Dokumenty) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-21]
CHR Extension: (Disk Google) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-21]
CHR Extension: (Read on reMarkable) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfhkfdnddlhfippjbflipboognpdpoeh [2021-10-27]
CHR Extension: (YouTube) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12]
CHR Extension: (Video Downloader for Vimeo) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmcdpfpkoildicgacgldinemhgmcbgp [2022-02-08]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmnbkaminnbffdjkdlahealilagcdfdi [2021-10-04]
CHR Extension: (Blue-White) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpdppflofbnccceeefenhhokdcaipacc [2021-08-21]
CHR Extension: (Tabulky) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-08]
CHR Extension: (Microsoft Power Automate) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2022-03-07]
CHR Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2022-03-16]
CHR Extension: (Cisco Webex Extension) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-02-24]
CHR Extension: (Grammarly for Chrome) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-03-07]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-14]
CHR Extension: (AVG Online Security) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2021-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-21]
CHR Extension: (Gmail) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-21]
CHR HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [863632 2019-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8483920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [564504 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1957144 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 dcevt64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_eventmgr64.exe [631856 2021-09-07] (Dell Inc -> Dell Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2021-08-23] (Dell Inc -> Dell Inc.)
R2 dcstor64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_datamgr64.exe [878128 2021-09-07] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-03-31] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{2546AB0A-C1FA-45BD-8036-834025BEA937} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-11] (Dell Inc -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2022-02-22] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [181176 2022-02-22] (Intel Corporation -> Intel)
R2 hostcontrolsvc; C:\WINDOWS\System32\bcmHostControlService.exe [832848 2021-12-01] (Broadcom Inc -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\bcmHostStorageService.exe [169296 2021-12-01] (Broadcom Inc -> Broadcom Corporation)
R2 MicrosoftSearchInBing; C:\Program Files (x86)\Microsoft\Microsoft Search in Bing\MicrosoftSearchInBing.exe [21376 2020-04-20] (Microsoft Corporation -> )
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 PDFsam Enhanced 7; C:\Program Files\PDFsam Enhanced 7\activation-service.exe [3210648 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
S3 PDFsam Enhanced 7 Creator; C:\Program Files\PDFsam Enhanced 7\creator-ws.exe [514456 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
S3 PDFsam Enhanced 7 Update Service; C:\Program Files\PDFsam Enhanced 7\update-service.exe [267672 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6187016 2022-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182296 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254112 2021-07-14] (Intel Corporation -> Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 ushupgradesvc; C:\WINDOWS\System32\bcmUshUpgradeService.exe [314192 2021-12-01] (Broadcom Inc -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-10-05] (Intel Corporation -> Intel Corporation)
S3 era-updater; "C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Data\UpdaterService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [360848 2019-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2021-12-24] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90344 2020-04-28] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\System32\drivers\dlusbaudio_x64.sys [238320 2017-05-29] (DISPLAYLINK -> DisplayLink Corp.)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [962600 2021-09-22] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167432 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43536 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f54d0a27ac206b8c\WiMan\WiMan.sys [167992 2021-10-05] (Intel Corporation -> Intel Corporation)
U1 aswbdisk; no ImagePath
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-17 14:41 - 2022-03-17 14:42 - 000051788 _____ C:\Users\jirik\Desktop\FRST.txt
2022-03-17 14:40 - 2022-03-17 14:41 - 000000000 ____D C:\FRST
2022-03-17 14:40 - 2022-03-17 14:40 - 002364928 _____ (Farbar) C:\Users\jirik\Desktop\FRST64.exe
2022-03-17 14:33 - 2022-03-17 14:35 - 000000000 ____D C:\ProgramData\AVG
2022-03-17 14:32 - 2022-03-17 14:32 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2022-03-17 14:27 - 2022-03-17 14:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-17 14:25 - 2022-03-17 14:25 - 014519408 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jirik\Downloads\avgclear.exe
2022-03-17 14:08 - 2022-03-17 14:08 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-03-17 14:08 - 2022-03-17 14:08 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Avast Software
2022-03-17 14:08 - 2022-03-17 14:08 - 000000000 ____D C:\Users\jirik\AppData\Local\Avast Software
2022-03-17 14:07 - 2022-03-17 14:07 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-03-17 14:07 - 2022-03-17 14:07 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-03-17 14:07 - 2022-03-17 14:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-03-17 14:07 - 2022-03-17 14:07 - 000000000 ____D C:\Program Files\Avast Software
2022-03-17 14:06 - 2022-03-17 14:37 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-17 14:06 - 2022-03-17 14:06 - 000259872 _____ (AVAST Software) C:\Users\jirik\Downloads\avast_premium_security_setup_online (1).exe
2022-03-17 14:05 - 2022-03-17 14:05 - 000259872 _____ (AVAST Software) C:\Users\jirik\Downloads\avast_premium_security_setup_online.exe
2022-03-17 14:03 - 2022-03-17 14:03 - 000471936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-17 14:03 - 2022-03-17 14:03 - 000000000 ____D C:\WINDOWS\Panther
2022-03-17 14:02 - 2022-03-17 14:02 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000075-000000.txt
2022-03-17 13:50 - 2022-03-17 13:50 - 000087025 _____ C:\Users\jirik\Downloads\CHC_Účetní_deník_2021.xlsx
2022-03-17 10:21 - 2022-03-17 10:21 - 000031138 _____ C:\Users\jirik\Downloads\CHC_Obratová_předvaha_analyticky_2021.xlsx
2022-03-16 13:27 - 2022-03-16 13:27 - 000056096 _____ C:\Users\jirik\Downloads\zalohova_9220362.pdf
2022-03-16 11:12 - 2022-03-16 11:12 - 003764463 _____ C:\Users\jirik\Downloads\2022_B11_Letak_terminy.pdf
2022-03-11 07:22 - 2022-03-11 07:27 - 000011964 _____ C:\Users\jirik\Desktop\příkazy 11.03.2022.xlsx
2022-03-10 13:34 - 2022-03-10 13:34 - 000000000 ____D C:\Users\jirik\AppData\LocalLow\NVIDIA
2022-03-10 10:49 - 2022-03-10 10:49 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000074-000000.txt
2022-03-10 10:34 - 2022-03-10 10:34 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-10 10:32 - 2022-03-10 10:32 - 000000000 ___HD C:\$WinREAgent
2022-03-07 21:06 - 2022-03-07 21:18 - 000000000 ____D C:\Users\jirik\Desktop\TB 20220307
2022-03-03 08:33 - 2022-03-03 08:33 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\reMarkable
2022-03-03 08:32 - 2022-03-03 08:33 - 000000000 ____D C:\Program Files (x86)\reMarkable
2022-02-24 09:47 - 2022-02-24 11:00 - 000000000 __SHD C:\Users\jirik\Documents\cache
2022-02-24 09:46 - 2022-03-17 13:58 - 000000000 ____D C:\Users\jirik\AppData\Local\WebEx
2022-02-24 09:46 - 2022-02-24 09:46 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Mozilla
2022-02-24 07:11 - 2022-02-24 07:11 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-02-22 07:13 - 2022-03-17 14:01 - 000000000 ____D C:\Users\jirik\Downloads\podpisové stránky PH
2022-02-17 20:06 - 2022-02-17 20:06 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000073-000000.txt
2022-02-17 18:01 - 2022-02-17 18:01 - 000210432 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-02-17 11:56 - 2022-02-17 11:56 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000072-000000.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-17 14:41 - 2021-10-05 23:21 - 001715176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-17 14:41 - 2021-10-05 22:29 - 000725838 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-17 14:41 - 2021-10-05 22:29 - 000150784 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-17 14:41 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-17 14:39 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-17 14:39 - 2020-05-11 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-17 14:39 - 2019-10-22 23:37 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2022-03-17 14:37 - 2022-02-01 07:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2022-03-17 14:37 - 2022-01-04 10:08 - 000000000 ____D C:\Users\jirik\Documents\CHC
2022-03-17 14:37 - 2021-08-23 07:34 - 000000000 __SHD C:\Users\jirik\IntelGraphicsProfiles
2022-03-17 14:37 - 2021-08-21 11:27 - 000000000 ___RD C:\Users\jirik\OneDrive - CZECH HOME CAPITAL Services, s.r.o
2022-03-17 14:37 - 2021-08-21 11:01 - 000000000 ___RD C:\Users\jirik\CZECH HOME CAPITAL Services, s.r.o
2022-03-17 14:37 - 2021-08-15 09:16 - 000000000 ___RD C:\Users\jirik\OneDrive
2022-03-17 14:37 - 2021-08-15 09:13 - 000000000 ____D C:\Users\jirik\AppData\Local\Packages
2022-03-17 14:37 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-17 14:37 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-17 14:37 - 2020-05-12 09:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-17 14:37 - 2020-04-29 22:37 - 000714015 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2022-03-17 14:37 - 2019-10-22 23:36 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-17 14:36 - 2021-11-08 07:06 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-03-17 14:36 - 2021-10-05 23:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-17 14:36 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-17 14:36 - 2021-06-05 13:01 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2022-03-17 14:36 - 2020-05-31 14:44 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-17 14:36 - 2020-04-29 22:37 - 000000000 ____D C:\Intel
2022-03-17 14:35 - 2021-11-08 07:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-03-17 14:34 - 2021-12-24 11:36 - 000000000 ____D C:\Program Files (x86)\AVG
2022-03-17 14:34 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-17 14:17 - 2021-08-21 10:20 - 000000000 ____D C:\Users\jirik\AppData\Local\D3DSCache
2022-03-17 14:12 - 2020-05-11 18:10 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-17 14:08 - 2022-01-18 11:50 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Kastner software
2022-03-17 14:08 - 2022-01-18 11:50 - 000000000 ____D C:\ProgramData\KASTNER software
2022-03-17 14:07 - 2021-11-08 16:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-03-17 14:07 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-17 14:03 - 2022-02-14 13:39 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-03-17 14:03 - 2021-10-11 05:39 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7ba36d77c6604
2022-03-17 14:03 - 2021-10-06 07:55 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:55 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-05 23:21 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-17 14:03 - 2021-10-05 23:21 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-17 14:03 - 2021-10-05 23:21 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-03-17 14:03 - 2021-10-05 23:21 - 000003274 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-03-17 14:03 - 2021-10-05 23:21 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-17 14:03 - 2021-10-05 23:21 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-03-17 14:03 - 2021-10-05 23:21 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2022-03-17 14:03 - 2021-10-05 23:21 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-03-17 14:03 - 2021-10-05 23:21 - 000002882 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-12-1-3063163100-1313087218-1108411322-350980306
2022-03-17 14:03 - 2021-10-05 23:21 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-315978714-1530173223-4211313467-1723
2022-03-17 14:03 - 2021-10-05 23:21 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-03-17 14:03 - 2021-10-05 23:21 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-03-17 14:03 - 2021-10-05 23:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-17 14:03 - 2021-08-21 10:26 - 000000000 ____D C:\Users\jirik\AppData\Roaming\WhatsApp
2022-03-17 14:03 - 2020-05-11 19:23 - 000000000 ____D C:\Program Files\WinRAR
2022-03-17 14:01 - 2021-10-26 05:02 - 000000000 ____D C:\Users\jirik\AppData\Local\WhatsApp
2022-03-17 13:59 - 2021-12-24 11:43 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 13:59 - 2021-11-08 07:07 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-03-17 13:59 - 2020-05-11 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 13:59 - 2019-10-22 23:49 - 000000000 ____D C:\ProgramData\Packages
2022-03-17 10:19 - 2021-12-13 06:21 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1664701216-379068115-2624813269-1001
2022-03-17 10:19 - 2021-10-26 09:54 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1664701216-379068115-2624813269-1001
2022-03-17 10:19 - 2021-10-26 09:54 - 000002385 _____ C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-16 13:01 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\Registration
2022-03-16 09:54 - 2019-10-22 23:38 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-12 20:32 - 2020-09-10 15:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-11 09:38 - 2021-11-23 09:38 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-03-11 09:38 - 2021-11-23 09:37 - 000000000 ____D C:\Users\jirik\AppData\Roaming\PDFsam Enhanced 7
2022-03-11 08:29 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-10 11:22 - 2021-12-01 16:59 - 000002404 _____ C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2022-03-10 10:49 - 2021-06-05 15:30 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-10 10:38 - 2021-02-20 15:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-10 10:38 - 2020-05-11 18:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-10 10:35 - 2020-05-11 18:16 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-10 10:34 - 2021-10-05 23:18 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-10 10:32 - 2021-10-11 08:13 - 000000000 ____D C:\Program Files\dotnet
2022-03-10 10:32 - 2019-10-22 23:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-10 09:01 - 2021-11-08 08:17 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-09 17:15 - 2021-08-21 10:19 - 000000000 ____D C:\Users\jirik\Documents\SB RED files
2022-03-09 17:09 - 2021-08-21 10:19 - 000000000 ____D C:\Users\jirik\Documents\Shikun
2022-03-09 15:44 - 2022-01-20 17:13 - 004194305 _____ C:\WINDOWS\SysWOW64\lil.log.old
2022-03-08 09:18 - 2021-10-11 06:19 - 000000000 ____D C:\Users\jirik\AppData\Local\CrashDumps
2022-03-01 00:36 - 2021-06-21 16:55 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2021-06-21 16:55 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-24 07:11 - 2019-10-22 23:35 - 000000000 ____D C:\Program Files (x86)\Intel
2022-02-17 20:06 - 2021-06-05 15:30 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-02-17 20:06 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-17 20:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-17 20:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-17 20:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-17 20:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-15 11:31 - 2021-10-06 07:54 - 000000000 ____D C:\Users\jirik\AppData\Local\NVIDIA

==================== Files in the root of some directories ========

2021-10-06 08:00 - 2021-10-06 08:00 - 000007601 _____ () C:\Users\jirik\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-03-14 11:09
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2022
Ran by jirik (17-03-2022 14:42:35)
Running from C:\Users\jirik\Desktop
Microsoft Windows 11 Pro Version 21H2 22000.556 (X64) (2021-10-05 22:22:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1664701216-379068115-2624813269-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1664701216-379068115-2624813269-503 - Limited - Disabled)
Guest (S-1-5-21-1664701216-379068115-2624813269-501 - Limited - Disabled)
jirik (S-1-5-21-1664701216-379068115-2624813269-1001 - Administrator - Enabled) => C:\Users\jirik
WDAGUtilityAccount (S-1-5-21-1664701216-379068115-2624813269-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Aplikácie Microsoft 365 pre veľké organizácie - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.14931.20132 - Microsoft Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.2.6003 - Avast Software)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1188.1 - AVG Technologies) Hidden
DefaultPackMSI (HKLM-x32\...\{D066B018-448B-40C5-9034-259BBCC49351}) (Version: 4.6.2.0 - Microsoft) Hidden
Dell 2155 Color MFP Scanner Driver (HKLM-x32\...\{40989F6C-18D8-4EE1-9B79-3D6FD2893EE9}) (Version: 1.0.2.2 - Dell Inc.)
Dell Command | Monitor (HKLM\...\{91E79414-DB41-4030-9A13-E133EE30F1D5}) (Version: 10.6.0.150 - Dell Inc.)
Dell Command | Update for Windows Universal (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.4.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{3C37C528-723A-4CA5-A867-AADF00DC0C06}) (Version: 5.8.30.51 - Broadcom Limited)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell PointStick Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.307 - ALPS ELECTRIC CO., LTD.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.10.0 - Dell Inc.)
Dell Printer Software (HKLM-x32\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.)
dch_setup (HKLM-x32\...\{0A5C4FC7-C229-464C-A042-1DB2352152B6}) (Version: 1.47.0.0 - elrazdah) Hidden
Documentation Manager (HKLM\...\{885E5716-698F-47E6-9ABD-87260B6C80F7}) (Version: 21.80.2.1 - Intel Corporation) Hidden
Documentation Manager (HKLM\...\{E6D708BA-9130-4926-AA3E-AEBB5DE1E60B}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.74 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{24ED9BA6-04C1-4F09-AB37-A7DC5ECDE6ED}) (Version: 22.1.8.8 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{124d91b2-2d97-4cc4-9ee7-2d2182a0884a}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{18b616d9-4adb-4666-82ce-a8a4337bd269}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{2028abfa-7954-482c-a38b-3d1f1dbbdfcf}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{3772486f-d832-4cf7-b6f6-ba5d4d746da6}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{48d1bf71-f60f-4827-b977-16efdbae0c7a}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{8a13c1a0-15ca-4939-92ea-9a745169ba28}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{9454a0e6-0762-48ec-b153-2a75b252d1fb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{a3052cfa-e19e-4092-a8e5-264f6d84442c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b0307f85-280a-491f-8f69-4678e4100558}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{bd73e01d-c055-4533-8bc3-1f9489e66168}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{c49f9463-8ca3-4422-82b0-c06c7a9640ed}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{ee09a6a7-c9c8-43cf-a6c0-ec07b3567e5b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{fb198756-7be7-4730-8f2e-282d5e71e412}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002110-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.110.2.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{5604a897-b259-42f9-80fa-d71081fad4a6}) (Version: 22.1.8.8 - Intel)
Intel® Software Installer (HKLM-x32\...\{094650cc-6461-47bb-96c0-4ec910a08b94}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - hu-hu (HKLM\...\O365HomePremRetail - hu-hu) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.39 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\OneDriveSetup.exe) (Version: 22.050.0306.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Search in Bing (HKLM-x32\...\{C17F6DEF-D34C-4B75-97E1-D81062408B4A}) (Version: 2.0.2 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Teams) (Version: 1.5.00.5967 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM-x32\...\{d2f91fed-8a18-4071-b8d3-22606fa9a9f6}) (Version: 3.1.23.31022 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.15 (x64) (HKLM-x32\...\{1e198010-5aa4-4fa4-b886-a31eb45f4661}) (Version: 5.0.15.31016 - Microsoft Corporation)
Nagyvállalati Microsoft 365-alkalmazások - hu-hu (HKLM\...\O365ProPlusRetail - hu-hu) (Version: 16.0.14931.20132 - Microsoft Corporation)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
PDFsam Basic (HKLM\...\{7784962D-70CC-4C26-B020-FF05D4280846}) (Version: 4.2.2.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 7 (HKLM-x32\...\PDFsam Enhanced 7) (Version: 7.0.49.2295 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 7 Edit Module (HKLM\...\{63380AAA-0783-42BC-B807-471E0BC00907}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PDFsam Enhanced 7 OCR Module (HKLM\...\{5D758ECE-77BA-400F-8F4C-42C93BEA6C1D}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PDFsam Enhanced 7 View Module (HKLM\...\{A1DD96C4-2ADF-4A7E-AA8B-D9362106B553}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PowerToys (Preview) (HKLM\...\{76DF3D62-A29E-4060-87DC-EA8B4A78FA62}) (Version: 0.55.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{ad2fbc9a-2620-48c9-a9a2-3f7da9490620}) (Version: 0.55.0 - Microsoft Corporation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9228.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2299 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.48.914.2021 - Realtek)
reMarkable (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\reMarkable) (Version: 2.12.1 - reMarkable)
rM2 Template Helper (HKLM-x32\...\{3D58910F-6BC2-4105-B6B4-DE4FEA1761BC}) (Version: 1.0.0 - freeremarkabletools.com) Hidden
rM2 Template Helper and Custom Screens (HKLM-x32\...\rM2 Template Helper 1.0.0) (Version: 1.0.0 - freeremarkabletools.com)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0093 - ST Microelectronics)
ST Microelectronics 3 Axis Digital Accelerometer Solution version 4.10.0104 (HKLM\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}_is1) (Version: 4.10.0104 - ST Microelectronics)
STORMWARE POHODA Klient CZ Komplet (HKLM-x32\...\{5F510E0B-E5D1-4DA1-B61D-4BC90D23828C}) (Version: 12500.181 - STORMWARE)
STORMWARE POHODA Klient CZ Komplet (HKLM-x32\...\{E6E1B035-4E22-4B17-8D99-2EBDEEBFF7F8}) (Version: 12804.4 - STORMWARE)
TbtLegacyPlug (HKLM-x32\...\{488D2737-A8BE-4F2A-8A9B-AEFF2DB8833F}) (Version: 18.0.0.0 - elrazdah) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{6653e751-8a5d-4ba0-b13d-c3a212e9cd67}) (Version: 1.47.0.0 - Intel(R) Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\WhatsApp) (Version: 2.2206.9 - WhatsApp)
WiFi Password Revealer (HKLM-x32\...\WiFi Password Revealer_is1) (Version: 1.0.0.13 - Magical Jelly Bean)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
ZPS 19 CZ v.19.2004.2.245 - 04.05.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2004.2.245 - 04.05.2020) (Version: v.19.2004.2.245 - 04.05.2020 - Libbi)

Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2021-11-08] (Canon Inc.)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.4.18.0_x86__htrsf667h5kn2 [2021-11-04] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2022-03-17] (Dell Inc)
Dell Document Hub -> C:\Program Files\WindowsApps\DellPrinter.DellDocumentHub_1.7.0.6_x64__nmdn7k89bxsn6 [2021-09-29] (DELL GLOBAL B.V. (SINGAPORE BRANCH))
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.27.0_x64__rp6h1c31mfy1y [2021-12-29] (STMICROELECTRONICS S.R.L.)
Dell PointStick -> C:\Program Files\WindowsApps\cirquecorporation.dellpointstick_10.3.1.0_x64__kjn5yvbh8sxt4 [2021-08-15] (Cirque Corporation)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-11-09] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2022-01-31] (Dell Inc)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2116.0.159.0_x64__8j3eq9eme6ctt [2022-03-17] (INTEL CORP) [Startup Task]
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-03-16] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-10] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1420.6.106.0_x64__8xx8rvfyw5nnt [2022-03-02] (Facebook Inc) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-28] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.3129.0_x64__8wekyb3d8bbwe [2022-02-22] (Microsoft Corporation) [Startup Task]
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2022-01-28] (Ricoh Company, Ltd.)
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.34.0_x64__8j3eq9eme6ctt [2021-11-04] (INTEL CORP)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2021-08-15] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2206.9.0_x64__cv1g1gvanyjgm [2022-03-07] (WhatsApp Inc.)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2021.1011.703.66_neutral__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-03-17] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{04271989-C4D2-07B5-E5A9-CCE76A6F03B0} -> [OneDrive - CZECH HOME CAPITAL Services, s.r.o] => C:\Users\jirik\OneDrive - CZECH HOME CAPITAL Services, s.r.o [2021-08-21 11:27]
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{04271989-C4D2-52C0-35FB-9D3B27E996B2} -> [CZECH HOME CAPITAL Services, s.r.o] => C:\Users\jirik\CZECH HOME CAPITAL Services, s.r.o [2021-08-21 11:01]
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{07665729-6243-4746-95b7-79579308d1b2}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.PdfPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jirik\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22026.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{BCC13D15-9720-4CC4-8371-EA74A274741E}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.PdfThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{dd5cacda-7c2e-4997-a62a-04a597b58f76}\localserver32 -> "C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [PDFsamEnhanced7_ManagerExt] -> {91D6DCFE-A19D-41CC-8940-46C21D26CF83} => C:\Program Files\PDFsam Enhanced 7\context-menu.dll [2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-01-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-22 07:31 - 2021-04-22 07:31 - 005745664 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2022-03-11 08:36 - 2022-03-11 08:36 - 000093696 _____ (Dell Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PlatinumCaller\92a6808bcc5ce2e30156034c43f54608\PlatinumCaller.ni.dll
2020-07-09 06:49 - 2010-06-29 14:22 - 000373760 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006S.DLL
2021-12-06 08:04 - 2021-12-06 08:04 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-03-11 08:36 - 2022-03-11 08:36 - 004205568 _____ (Marko Lahma) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Quartz\ca55b9ebefcd92086c96e55441e14302\Quartz.ni.dll
2022-02-24 07:54 - 2022-02-24 07:54 - 003864576 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\1cf4295c15101db684576474e0b8a99d\Newtonsoft.Json.ni.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-21 07:12 - 2021-05-21 07:12 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2021-12-03 13:17 - 2021-12-03 13:17 - 004578816 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2021-12-03 13:16 - 2021-12-03 13:16 - 002832384 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2021-12-03 13:14 - 2021-12-03 13:14 - 006556672 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2022-02-24 07:54 - 2022-02-24 07:54 - 000591872 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Serilog\c5f5b1ce40f1785c7ad7a84a7ff7e70f\Serilog.ni.dll
2022-02-18 07:59 - 2022-02-18 07:59 - 000104448 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Serilog.Sinks.File\1aba4bb2e66d08a62a8dbeaeffcff650\Serilog.Sinks.File.ni.dll
2022-02-18 07:59 - 2022-02-18 07:59 - 000782336 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Serilog\f4e7647fa7b084281b743da93735b0f1\Serilog.ni.dll
2021-07-23 10:36 - 2021-07-23 10:36 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2020-06-30 14:37 - 2020-06-30 14:37 - 000460288 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 7\libcurl.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000019008 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll
2021-10-25 11:31 - 2021-10-25 11:31 - 000017472 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll
2020-05-12 10:52 - 2018-09-27 13:20 - 000090112 _____ (Xerox Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\x5print.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1664701216-379068115-2624813269-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1664701216-379068115-2624813269-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> DefaultScope {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz
IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\sharepoint.com -> hxxps://czhomecapital-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-05-25 08:45 - 000000859 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com

2020-05-11 19:49 - 2020-10-18 13:27 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jirik\Pictures\PlWDsd.jpg
HKU\S-1-5-21-1664701216-379068115-2624813269-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 172.16.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AVG Secure VPN.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "CNAP3 Launcher"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\Run: => "GoogleDriveFS"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{67980830-AA5A-4ECB-8532-E56BC0476F91}C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D503EAEE-F962-4DA3-9487-9B10004B6209}C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72F795B0-D6B6-4DE0-89E0-D2438AD825E6}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{1689BB4D-6CB4-4468-A4E6-59A5CDEDDFD7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{5750731D-D068-43EC-85E8-08D094417EBF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{36EB50B5-747D-4645-9120-B5EA641B0A1A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C068F240-EE20-4261-A0DE-DE4B73D0FADD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7CEE3769-1E66-43DA-9877-BF8DADA81F16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B66A3B1C-8C48-4629-9F26-813DAC9C97AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B18D7152-4CC5-475A-B805-38E0A937312D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{918DD0C7-E638-4202-A0A5-A74B782CA410}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Software 2000 Limited) [File not signed]
FirewallRules: [{CC1B9AEE-D46D-4556-8E6A-7275473F9D85}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Software 2000 Limited) [File not signed]
FirewallRules: [{332839C6-6673-4894-993E-4BE7CA2F67D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0760B7A5-498C-49F7-896C-35D25BBBC8E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{789006B1-1283-4748-9798-26130C859BE0}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [UDP Query User{2E4D4556-928A-4693-990E-4B92235ECD71}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [TCP Query User{3C1B8618-6D69-4623-AE90-F636320B33AA}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [UDP Query User{847F5FEB-938E-43A8-8E73-6B2F24E8DB4A}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [{61D57555-5D9F-4EEE-B1AF-EC34CF46466A}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2CF7C2F1-76C3-4661-A657-C2E82B09DF05}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{70A9A759-1A2C-46FF-AECE-4970D01F796C}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B9A14284-E0DC-4754-B0D2-456AFB2DEB8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{929BD1FD-B140-4A2A-B5FF-C7644E0CD0B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{026CEB0A-E5C6-47C8-A216-52A652322674}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB862ABD-C445-418D-B27C-661E804F7A4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F3AF721-16A7-40AF-8D8E-8D1EDF8383F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A57C9D83-E6C8-4A08-8767-284DF79AD0DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56B3F8E5-A1E1-47AC-8EF5-6ACE5ED748DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FF978E91-15ED-4FA7-927E-24B7B340B847}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0047F015-DEF8-4BF1-B026-C3841CB072DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0E4DD107-D54D-43F2-8316-634151FAC938}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2CC4F186-2E16-432C-AAFC-FF140602E5C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{83B13197-DFE9-461D-AC13-F619FA23C703}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5F9CCEF7-38E8-4E88-9B84-39B68F9401CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E7EB86C9-8F3A-4FB3-819F-ABC9224DBA56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2224B638-BC96-4EBD-B8B7-8623FD1B4094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{414859D6-D7FB-4011-8950-1AB121F02006}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E070CCFB-C935-4660-BE98-075FDE68A953}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{281D0455-CAE5-439D-A2D4-01ABF17FAB52}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F70F1B93-C72B-419E-8719-18F0648FB69A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C77EDD6A-340A-4A6C-AF37-B1D40BFA69AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BD23CA1-D848-4E4A-B16F-A8CA4EF04B50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{403CEBAB-E478-45F7-92C4-B3729928F991}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EA3F5536-56D4-4964-8EBD-2D33B59E3512}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF1C8595-99D9-4F97-B149-40C05C29B5F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38B26707-09FD-4558-A385-ADBCA088EECA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3580BFEA-9D23-455A-8617-8772C8E32B45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99F64852-C2E3-408B-8F2E-EE9EB8D7CF84}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF94EC02-849C-4F0D-BB5E-FBCC66AAA321}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E2C0215-3FA2-42D3-89F0-B29C9684DD74}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0745D3C8-1B5B-442C-9116-F6A5E83AED17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{886FE31B-DAAD-43C1-A0D9-9234BA420839}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A4C97EF-7C8A-4152-B67D-9AFF55DEC666}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8040C09A-A76D-4518-B6D2-E1F0359EBDC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F4EC86F-0AB5-435D-BB47-9F8E57FF52BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26254886-72F1-4F95-B762-7FD36A9B49AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66F3ECC7-F280-42CE-9F71-AC9FD491B01E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5416879-956A-4B98-91B5-3DC4F00FDA84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83C03660-27AA-428E-B3A3-12BC70A88578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D7D79C1-7A88-4537-B176-FA9C92426EFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6679A920-E2A3-43D8-9328-9D8A7E2CB4F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB0CA9F-500E-4708-895E-7CF07FE80F67}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85A36E87-E785-41B4-ABE0-2345CBF4E825}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{51524265-A6AD-471F-A7E9-029167090825}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A2C263F3-F49A-42C3-AA35-5EAB8167EDE8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7442CC5B-B144-49F3-8A93-74868B411DDF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-03-2022 14:16:31 Removed STORMWARE POHODA Klient CZ Komplet.
17-03-2022 14:17:39 Removed STORMWARE POHODA Klient CZ Komplet.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/17/2022 02:18:51 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:18:50 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:17:32 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:17:32 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:03:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe, PID: 5592, ProfSvc PID: 1840.

Error: (03/17/2022 02:03:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\AVG\TuneUp\TuneupSvc.exe, PID: 7252, ProfSvc PID: 1840.

Error: (03/17/2022 01:28:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {dc587621-e985-47e4-b83c-2f1a81877bc5}

Error: (03/17/2022 01:26:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {dc587621-e985-47e4-b83c-2f1a81877bc5}


System errors:
=============
Error: (03/17/2022 02:37:13 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E7CA5F04-A2AC-4010-AB60-1506A47D728F} because another computer on the network has the same name. The server could not start.

Error: (03/17/2022 02:36:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (03/17/2022 02:36:10 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (03/17/2022 02:36:09 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (03/17/2022 02:35:58 PM) (Source: DCOM) (EventID: 10010) (User: KLICKADELL)
Description: The server {69B7FE84-6361-4423-B948-1D64820B1E96} did not register with DCOM within the required timeout.

Error: (03/17/2022 02:35:58 PM) (Source: DCOM) (EventID: 10010) (User: KLICKADELL)
Description: The server {69B7FE84-6361-4423-B948-1D64820B1E96} did not register with DCOM within the required timeout.

Error: (03/17/2022 02:32:53 PM) (Source: DCOM) (EventID: 10005) (User: KLICKADELL)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.WamProviderRegistration

Error: (03/17/2022 02:32:53 PM) (Source: DCOM) (EventID: 10005) (User: KLICKADELL)
Description: DCOM got error "1084" attempting to start the service UdkUserSvc_5dab8 with arguments "Unavailable" in order to run the server:
WindowsUdk.UI.Shell.ViewCoordinator


Windows Defender:
================Event[0]

Date: 2022-03-17 14:32:22
Description:
Funkce Ochrana v reálném čase u prohledávání Microsoft Defender Antivirus zjistila chybu a došlo k jejímu selhání.
Funkce: On Access
Kód chyby: 0x8007043c
Popis chyby: This service cannot be started in Safe Mode
Důvod: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-03-17 14:31:34
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.616.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2022-03-17 14:31:34
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.616.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2021-11-07 12:19:13
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.576.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2022-03-17 14:37:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-03-17 14:21:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-03-17 14:05:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-03-17 14:04:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.17.0 12/08/2021
Motherboard: Dell Inc. 0Y8H01
Processor: Intel(R) Core(TM) i5-9400H CPU @ 2.50GHz
Percentage of memory in use: 34%
Total physical RAM: 32550.16 MB
Available physical RAM: 21308.9 MB
Total Virtual: 37414.16 MB
Available Virtual: 24853.39 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:236.7 GB) (Free:36.38 GB) NTFS
Drive d: (data) (Fixed) (Total:715.41 GB) (Free:714.39 GB) NTFS

\\?\Volume{da98eb80-8faf-4fca-a912-433578d20155}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.25 GB) NTFS
\\?\Volume{089256a1-b47e-4c20-b26e-d0fe6349a5ee}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.6 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Re: prosba preventivní kontrola

Napsal: 19 bře 2022 18:02
od Rudy
Zdravím!
Spustte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: prosba preventivní kontrola

Napsal: 19 bře 2022 19:06
od Dzura
děkuij.
Níže zasílám log scanu a opravy

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-19-2022
# Duration: 00:00:04
# OS: Windows 10 Pro
# Scanned: 32040
# Detected: 18


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.BrowseFox C:\Program Files (x86)\WEB CONNECTION

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellCommand|Update Folder C:\Program Files\DELL\COMMANDUPDATE
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Folder C:\Users\jirik\Documents\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DFB14A4-D5FD-49C6-819E-BEB4D2D5A5AB}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DFB14A4-D5FD-49C6-819E-BEB4D2D5A5AB}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-19-2022
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 18
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\WEB CONNECTION

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Deleted Preinstalled.DellCommand|Update Folder C:\Program Files\DELL\COMMANDUPDATE
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Users\jirik\Documents\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DFB14A4-D5FD-49C6-819E-BEB4D2D5A5AB}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DFB14A4-D5FD-49C6-819E-BEB4D2D5A5AB}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3253 octets] - [19/03/2022 19:02:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: prosba preventivní kontrola

Napsal: 19 bře 2022 20:02
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: prosba preventivní kontrola

Napsal: 22 bře 2022 11:56
od Dzura
zasílám níže nové logy. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-03-2022
Ran by jirik (administrator) on KLICKADELL (Dell Inc. Latitude 5501) (22-03-2022 11:53:20)
Running from C:\Users\jirik\Desktop
Loaded Profiles: jirik & Administrator
Platform: Microsoft Windows 11 Pro Version 21H2 22000.556 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApntEx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe <6>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\jirik\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe <13>
(cmd.exe ->) (Microsoft Corporation -> Microsoft) C:\Users\jirik\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\webextensions\PAD.BrowserNativeMessageHost.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoasb.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) ("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Broadcom Inc -> ) C:\Windows\System32\bcmUshUpgradeService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostControlService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostStorageService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_f629911085770af0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 7\activation-service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\jirik\AppData\Local\Microsoft\OneDrive\22.050.0306.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <6>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\jirik\AppData\Local\WhatsApp\app-2.2208.14\WhatsApp.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe [1343072 2021-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-13] (CANON INC. -> CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951232 2020-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3804440 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2022-02-22] (Intel Corporation -> Intel)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jirik\AppData\Local\Microsoft\Teams\Update.exe [2492176 2022-03-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\ZPS 19 CZ\Program32\ZPSTRAY.EXE [790512 2020-05-04] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10929320 2021-12-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2455256 2021-11-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Uninstall 21.050.0310.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\21.050.0310.0001\amd64"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\RunOnce: [Uninstall 21.050.0310.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\21.050.0310.0001"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Hewlett-Packard) [File not signed]
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2017-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [90112 2018-09-27] (Xerox Corporation) [File not signed]
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\Windows\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\PDFsam Enhanced 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2021-11-23] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [43584 2021-04-21] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\...\Print\Monitors\Status Monitor Language Monitor for Dell 2155cn Color MFP PCL6: C:\Windows\system32\DLXGIZIL.DLL [185344 2012-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-03-17]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-09-21]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02A5D236-9513-4989-8C02-1ABC1051190C} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification Logon => C:\Program Files\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {03DF2AB2-048D-4649-B345-8E5AC722D822} - System32\Tasks\S-1-12-1-3063163100-1313087218-1108411322-350980306\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (No File)
Task: {06C76325-0E4D-4D6F-997E-D01315A70C6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C6FC58D-61E8-42F0-95D5-856ACA70039A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0F9C3379-9329-49AC-9B62-08AAAA2D24BA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {11789747-9262-434F-8EA9-9ED9BF398345} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-17] (Avast Software s.r.o. -> Avast Software)
Task: {157A4F78-2B7D-41C9-A118-3D8EFEFFD0E4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {198103C4-3E81-43FA-BD88-40A491DEB567} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification => C:\Program Files\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {2372FA22-7C35-459E-AA50-3DF758A7A768} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-17] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {361E445A-19B7-466C-9227-8ECD391FD61E} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6592792 2022-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {3876480C-0653-4052-A62D-654DE6ABF894} - System32\Tasks\PowerToys\Autorun for jirik => C:\Program Files\PowerToys\PowerToys.exe [1028488 2022-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B0DFDD1-0286-4D69-8E7B-BDF415BFC4E2} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\Update => C:\Program Files\PDFsam Enhanced 7\sam.exe [3418520 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
Task: {457B6D49-948E-41C5-B603-E19884E5448B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F4D05F-A755-4C8E-8E4F-728215E18966} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {592186CA-B55C-47A4-B050-725974938F68} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5AAC3F45-8D9D-4745-B2B3-9FC5F1DB601A} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1227032 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
Task: {63AABD32-AED0-4FD3-8DF4-5F96284C934C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {647397D4-AA31-4373-B1C1-97864FCD9E56} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2022-03-15] (Avast Software s.r.o. -> Avast Software)
Task: {6D781464-7C25-474F-A7B6-E6B6B11C1153} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {71439018-F12C-42DC-B0CF-ABB9CE4C8083} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4688664 2022-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 1ac64a72-8e7c-404b-a428-163b7739372e
Task: {7576D4BD-18CB-4002-B2BB-E5CD0E59DC73} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75D62E8F-0B42-41FB-A186-65AE866700B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D695D0D-7798-4A4D-A109-5F4676DED0AA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {7E12010E-CFC6-404B-AC3D-A8D5B0CBF403} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4791064 2022-03-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 1f961344-a86e-45d1-81cb-2722699fee93
Task: {8145331A-C6B8-4DE5-89EC-85790D76C890} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BEF427B-8263-49BB-B3A5-5ADA19051374} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (No File)
Task: {9653903F-7F36-4592-86A4-CDB77AF0EC76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {9DF2EB2A-4D17-4330-9461-5D8C793C9D5B} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {A0CD714F-F37C-4D18-AE78-8FE626BF57AD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992280 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
Task: {A4A59830-F4D3-470F-A8F9-D769207846C0} - System32\Tasks\S-1-5-21-315978714-1530173223-4211313467-1723\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (No File)
Task: {A50EA7C3-0DCF-49E7-A2D4-3A150B0C4EF9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1596312 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A67DE7FE-597C-4C26-933A-C12A2FCB2988} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {BA5D0DF0-76C5-422E-958D-42D9295EAC70} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BE823640-6AAD-4ED2-96D0-CAC1743110C7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CBE4F2F1-18C7-4014-AB35-E499C632AE7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8307120 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Dell SupportAssistAgent AutoUpdate" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7ba36d77c6604" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-1664701216-379068115-2624813269-1001" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-12-1-3063163100-1313087218-1108411322-350980306" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1664701216-379068115-2624813269-1001" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-315978714-1530173223-4211313467-1723" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\USER_ESRV_SVC_QUEENCREEK" /ENABLE
Task: {CC07AD5F-1918-44A3-9728-AD298FB1AD76} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(27): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D33C55C1-8581-4987-A22C-4D895D3755AB} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4103816 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {D80D1755-9351-4A8F-A710-6DA326683455} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8E42D54-9A12-4297-BE9D-9C1F89F69A64} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {E4F908C6-AF91-45D5-A64F-628C50B9F75E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {F59760A0-6004-43FD-A1BB-2B125C319D12} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {FBFBC443-BF92-4E2A-8DBB-936B722BF7AB} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [53248 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
Task: {FC5082FB-5D42-415B-98EC-B85F62285365} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 account.zoner.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3b8ddc94-c4f5-424a-8372-5cf90ed6e3f8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4b130dab-321a-4041-b525-8add95e0427b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d45d8283-cba9-48e4-9593-148fb376ca32}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e1735eeb-c22d-48f4-a9b6-d3386b227d21}: [DhcpNameServer] 192.168.77.162
Tcpip\..\Interfaces\{e7ca5f04-a2ac-4010-ab60-1506a47d728f}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-17]
Edge Extension: (Microsoft Power Automate) - C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2022-02-15]
Edge HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1664701216-379068115-2624813269-1001: @kb-ext.cz/PKIComponent -> C:\Users\jirik\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2020-12-03] (KOMERCNI BANKA A.S. -> Komerční banka, a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default [2022-03-22]
CHR Notifications: Default -> hxxps://app.freelo.cz; hxxps://app.gotowebinar.com; hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://messages.google.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://10.1.10.90/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-21]
CHR Extension: (Dokumenty) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-21]
CHR Extension: (Disk Google) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-21]
CHR Extension: (Read on reMarkable) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfhkfdnddlhfippjbflipboognpdpoeh [2021-10-27]
CHR Extension: (YouTube) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12]
CHR Extension: (Video Downloader for Vimeo) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmcdpfpkoildicgacgldinemhgmcbgp [2022-02-08]
CHR Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmnbkaminnbffdjkdlahealilagcdfdi [2021-10-04]
CHR Extension: (Blue-White) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpdppflofbnccceeefenhhokdcaipacc [2021-08-21]
CHR Extension: (Tabulky) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-08]
CHR Extension: (Microsoft Power Automate) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgfobnenmnljakmhboildkafdkicala [2022-03-07]
CHR Extension: (Microsoft Editor: kontrola pravopisu a gramatiky) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2022-03-16]
CHR Extension: (Cisco Webex Extension) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-02-24]
CHR Extension: (Grammarly for Chrome) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-03-07]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-14]
CHR Extension: (AVG Online Security) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2021-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-21]
CHR Extension: (Gmail) - C:\Users\jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-21]
CHR HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [863632 2019-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8483920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [564504 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1957144 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15443224 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
S4 dcevt64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_eventmgr64.exe [631856 2021-09-07] (Dell Inc -> Dell Inc.)
S4 dcstor64; C:\Program Files\Dell\Command Monitor\dataeng\bin\dsm_sa_datamgr64.exe [878128 2021-09-07] (Dell Inc -> Dell Inc.)
S4 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [50888 2021-06-24] (Dell Inc -> )
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{2546AB0A-C1FA-45BD-8036-834025BEA937} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2022-02-22] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [181176 2022-02-22] (Intel Corporation -> Intel)
R2 hostcontrolsvc; C:\WINDOWS\System32\bcmHostControlService.exe [832848 2021-12-01] (Broadcom Inc -> Broadcom Corporation)
R2 hoststoragesvc; C:\WINDOWS\System32\bcmHostStorageService.exe [169296 2021-12-01] (Broadcom Inc -> Broadcom Corporation)
S4 MicrosoftSearchInBing; C:\Program Files (x86)\Microsoft\Microsoft Search in Bing\MicrosoftSearchInBing.exe [21376 2020-04-20] (Microsoft Corporation -> )
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 PDFsam Enhanced 7; C:\Program Files\PDFsam Enhanced 7\activation-service.exe [3210648 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
S3 PDFsam Enhanced 7 Creator; C:\Program Files\PDFsam Enhanced 7\creator-ws.exe [514456 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
S3 PDFsam Enhanced 7 Update Service; C:\Program Files\PDFsam Enhanced 7\update-service.exe [267672 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9608984 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6187016 2022-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182296 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2021-06-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2021-06-23] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254112 2021-07-14] (Intel Corporation -> Intel Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12912936 2021-11-16] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 ushupgradesvc; C:\WINDOWS\System32\bcmUshUpgradeService.exe [314192 2021-12-01] (Broadcom Inc -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-10-05] (Intel Corporation -> Intel Corporation)
S4 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S4 Dell Hardware Support; "C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe" [X]
S4 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S4 DellClientManagementService; "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe" [X]
S3 era-updater; "C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Data\UpdaterService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 SupportAssistAgent; "C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [360848 2019-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-03-17] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59008 2022-03-17] (Avast Software s.r.o. -> Avast Software)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2021-12-24] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 DBUtilDrv2; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys [24968 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90344 2020-04-28] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\System32\drivers\dlusbaudio_x64.sys [238320 2017-05-29] (DISPLAYLINK -> DisplayLink Corp.)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-01-28] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [962600 2021-09-22] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167432 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43536 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f54d0a27ac206b8c\WiMan\WiMan.sys [167992 2021-10-05] (Intel Corporation -> Intel Corporation)
U1 aswbdisk; no ImagePath
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-22 11:52 - 2022-03-22 11:52 - 002364928 _____ (Farbar) C:\Users\jirik\Desktop\FRST64.exe
2022-03-22 11:51 - 2022-03-22 11:51 - 000000000 ___HD C:\$AV_ASW
2022-03-22 11:51 - 2022-03-22 11:51 - 000000000 ____D C:\Users\jirik\Desktop\FRST-OlderVersion
2022-03-22 10:56 - 2022-03-22 10:56 - 000059057 _____ C:\Users\jirik\Downloads\Ihre_Unterlagen_vom_11_03_2022_13_45.PDF
2022-03-19 19:02 - 2022-03-19 19:03 - 000000000 ____D C:\AdwCleaner
2022-03-19 19:01 - 2022-03-19 19:01 - 008540344 _____ (Malwarebytes) C:\Users\jirik\Desktop\AdwCleaner.exe
2022-03-19 19:01 - 2022-03-19 19:01 - 002443448 _____ (Malwarebytes) C:\Users\jirik\Downloads\MBSetup.exe
2022-03-18 11:43 - 2022-03-18 11:43 - 000426836 _____ C:\Users\jirik\Downloads\20220315135838800.pdf
2022-03-18 11:25 - 2022-03-18 11:25 - 000018122 _____ C:\Users\jirik\Downloads\Souhrnny_prehled_penezenek.xlsx
2022-03-18 10:32 - 2022-03-18 10:32 - 007414611 _____ C:\Users\jirik\Downloads\Smlouva o koupi nemovité věci_Takaner_BYTY portfolio BETA.pdf
2022-03-17 14:59 - 2022-03-19 19:07 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-03-17 14:59 - 2022-03-17 14:59 - 000059008 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2022-03-17 14:59 - 2022-03-17 14:59 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-03-17 14:59 - 2022-03-17 14:59 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2022-03-17 14:59 - 2022-03-17 14:59 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2022-03-17 14:42 - 2022-03-17 14:44 - 000062964 _____ C:\Users\jirik\Desktop\Addition.txt
2022-03-17 14:41 - 2022-03-22 11:53 - 000051804 _____ C:\Users\jirik\Desktop\FRST.txt
2022-03-17 14:40 - 2022-03-22 11:53 - 000000000 ____D C:\FRST
2022-03-17 14:33 - 2022-03-17 14:35 - 000000000 ____D C:\ProgramData\AVG
2022-03-17 14:32 - 2022-03-17 14:32 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2022-03-17 14:27 - 2022-03-17 14:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-03-17 14:25 - 2022-03-17 14:25 - 014519408 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jirik\Downloads\avgclear.exe
2022-03-17 14:08 - 2022-03-17 14:59 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Avast Software
2022-03-17 14:08 - 2022-03-17 14:08 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-03-17 14:08 - 2022-03-17 14:08 - 000000000 ____D C:\Users\jirik\AppData\Local\Avast Software
2022-03-17 14:07 - 2022-03-22 08:58 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-03-17 14:07 - 2022-03-17 14:59 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-03-17 14:07 - 2022-03-17 14:59 - 000000000 ____D C:\Program Files\Avast Software
2022-03-17 14:07 - 2022-03-17 14:07 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-03-17 14:07 - 2022-03-17 14:07 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-03-17 14:07 - 2022-03-17 14:07 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-03-17 14:06 - 2022-03-19 19:07 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-17 14:06 - 2022-03-17 14:06 - 000259872 _____ (AVAST Software) C:\Users\jirik\Downloads\avast_premium_security_setup_online (1).exe
2022-03-17 14:05 - 2022-03-17 14:05 - 000259872 _____ (AVAST Software) C:\Users\jirik\Downloads\avast_premium_security_setup_online.exe
2022-03-17 14:03 - 2022-03-17 14:03 - 000000000 ____D C:\WINDOWS\Panther
2022-03-17 14:02 - 2022-03-17 14:02 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000075-000000.txt
2022-03-17 13:50 - 2022-03-17 13:50 - 000087025 _____ C:\Users\jirik\Downloads\CHC_Účetní_deník_2021.xlsx
2022-03-17 10:21 - 2022-03-17 10:21 - 000031138 _____ C:\Users\jirik\Downloads\CHC_Obratová_předvaha_analyticky_2021.xlsx
2022-03-16 13:27 - 2022-03-16 13:27 - 000056096 _____ C:\Users\jirik\Downloads\zalohova_9220362.pdf
2022-03-16 11:12 - 2022-03-16 11:12 - 003764463 _____ C:\Users\jirik\Downloads\2022_B11_Letak_terminy.pdf
2022-03-11 07:22 - 2022-03-11 07:27 - 000011964 _____ C:\Users\jirik\Desktop\příkazy 11.03.2022.xlsx
2022-03-10 13:34 - 2022-03-10 13:34 - 000000000 ____D C:\Users\jirik\AppData\LocalLow\NVIDIA
2022-03-10 10:49 - 2022-03-10 10:49 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000074-000000.txt
2022-03-10 10:34 - 2022-03-10 10:34 - 000015016 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-10 10:32 - 2022-03-10 10:32 - 000000000 ___HD C:\$WinREAgent
2022-03-07 21:06 - 2022-03-07 21:18 - 000000000 ____D C:\Users\jirik\Desktop\TB 20220307
2022-03-03 08:33 - 2022-03-03 08:33 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\reMarkable
2022-03-03 08:32 - 2022-03-03 08:33 - 000000000 ____D C:\Program Files (x86)\reMarkable
2022-02-24 09:47 - 2022-02-24 11:00 - 000000000 __SHD C:\Users\jirik\Documents\cache
2022-02-24 09:46 - 2022-03-17 13:58 - 000000000 ____D C:\Users\jirik\AppData\Local\WebEx
2022-02-24 09:46 - 2022-02-24 09:46 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Mozilla
2022-02-24 07:11 - 2022-02-24 07:11 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-02-22 07:13 - 2022-03-17 14:01 - 000000000 ____D C:\Users\jirik\Downloads\podpisové stránky PH

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-22 11:21 - 2021-08-15 09:13 - 000000000 ____D C:\Users\jirik\AppData\Local\Packages
2022-03-22 11:02 - 2020-05-11 18:10 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-22 10:54 - 2021-10-26 05:02 - 000000000 ____D C:\Users\jirik\AppData\Local\WhatsApp
2022-03-22 10:54 - 2021-08-21 10:26 - 000000000 ____D C:\Users\jirik\AppData\Roaming\WhatsApp
2022-03-22 10:12 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-22 10:05 - 2021-10-05 23:21 - 001715176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-22 10:05 - 2021-10-05 22:29 - 000725838 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-22 10:05 - 2021-10-05 22:29 - 000150784 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-22 10:05 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-03-22 09:53 - 2021-08-21 11:01 - 000000000 ___RD C:\Users\jirik\CZECH HOME CAPITAL Services, s.r.o
2022-03-22 09:31 - 2021-08-21 11:27 - 000000000 ___RD C:\Users\jirik\OneDrive - CZECH HOME CAPITAL Services, s.r.o
2022-03-22 09:30 - 2021-08-15 09:16 - 000000000 ___RD C:\Users\jirik\OneDrive
2022-03-22 09:30 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-22 09:14 - 2021-08-21 10:20 - 000000000 ____D C:\Users\jirik\AppData\Local\D3DSCache
2022-03-22 09:05 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-22 08:58 - 2021-10-05 23:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-22 08:58 - 2019-10-22 23:36 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-22 08:53 - 2020-05-11 18:10 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-22 08:52 - 2021-08-23 07:34 - 000000000 __SHD C:\Users\jirik\IntelGraphicsProfiles
2022-03-19 19:07 - 2021-10-05 23:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-19 19:07 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-19 19:07 - 2020-05-31 14:44 - 000012288 ___SH C:\DumpStack.log.tmp
2022-03-19 19:07 - 2020-04-29 22:37 - 000718843 _____ C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2022-03-19 19:07 - 2020-04-29 22:37 - 000000000 ____D C:\Intel
2022-03-19 19:06 - 2021-06-05 13:01 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2022-03-19 19:03 - 2021-08-21 10:19 - 000000000 ____D C:\Users\jirik\Documents\Dell
2022-03-19 19:03 - 2019-10-22 23:35 - 000000000 ____D C:\ProgramData\Dell
2022-03-19 19:03 - 2019-10-22 23:33 - 000000000 ____D C:\Program Files\Dell
2022-03-19 19:03 - 2019-10-22 23:33 - 000000000 ____D C:\Program Files (x86)\Dell
2022-03-19 18:25 - 2020-09-10 15:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-18 16:44 - 2021-10-11 06:19 - 000000000 ____D C:\Users\jirik\AppData\Local\CrashDumps
2022-03-17 15:06 - 2020-05-12 09:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-03-17 15:05 - 2021-10-05 23:21 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2022-03-17 15:05 - 2021-10-05 23:21 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2022-03-17 15:04 - 2021-10-06 07:55 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 15:04 - 2021-10-06 07:54 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:59 - 2021-11-08 16:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-03-17 14:59 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-03-17 14:54 - 2019-10-22 23:37 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2022-03-17 14:37 - 2022-02-01 07:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2022-03-17 14:37 - 2022-01-04 10:08 - 000000000 ____D C:\Users\jirik\Documents\CHC
2022-03-17 14:36 - 2021-11-08 07:06 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-03-17 14:35 - 2021-11-08 07:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2022-03-17 14:34 - 2021-12-24 11:36 - 000000000 ____D C:\Program Files (x86)\AVG
2022-03-17 14:08 - 2022-01-18 11:50 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Kastner software
2022-03-17 14:08 - 2022-01-18 11:50 - 000000000 ____D C:\ProgramData\KASTNER software
2022-03-17 14:07 - 2021-06-05 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-17 14:03 - 2022-02-14 13:39 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-03-17 14:03 - 2021-10-11 05:39 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7ba36d77c6604
2022-03-17 14:03 - 2021-10-06 07:55 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-06 07:54 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-03-17 14:03 - 2021-10-05 23:21 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-17 14:03 - 2021-10-05 23:21 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-17 14:03 - 2021-10-05 23:21 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-03-17 14:03 - 2021-10-05 23:21 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-17 14:03 - 2021-10-05 23:21 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-03-17 14:03 - 2021-10-05 23:21 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2022-03-17 14:03 - 2021-10-05 23:21 - 000002882 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-12-1-3063163100-1313087218-1108411322-350980306
2022-03-17 14:03 - 2021-10-05 23:21 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-315978714-1530173223-4211313467-1723
2022-03-17 14:03 - 2021-10-05 23:21 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-03-17 14:03 - 2020-05-11 19:23 - 000000000 ____D C:\Program Files\WinRAR
2022-03-17 13:59 - 2021-12-24 11:43 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 13:59 - 2021-11-08 07:07 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2022-03-17 13:59 - 2020-05-11 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 13:59 - 2019-10-22 23:49 - 000000000 ____D C:\ProgramData\Packages
2022-03-17 10:19 - 2021-12-13 06:21 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1664701216-379068115-2624813269-1001
2022-03-17 10:19 - 2021-10-26 09:54 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1664701216-379068115-2624813269-1001
2022-03-17 10:19 - 2021-10-26 09:54 - 000002385 _____ C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-16 13:01 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\Registration
2022-03-16 09:54 - 2019-10-22 23:38 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-11 09:38 - 2021-11-23 09:38 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-03-11 09:38 - 2021-11-23 09:37 - 000000000 ____D C:\Users\jirik\AppData\Roaming\PDFsam Enhanced 7
2022-03-11 08:29 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-10 11:22 - 2021-12-01 16:59 - 000002404 _____ C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2022-03-10 10:49 - 2021-06-05 15:30 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-10 10:49 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-10 10:38 - 2021-02-20 15:27 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-10 10:38 - 2020-05-11 18:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-10 10:35 - 2020-05-11 18:16 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-10 10:34 - 2021-10-05 23:18 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-10 10:32 - 2021-10-11 08:13 - 000000000 ____D C:\Program Files\dotnet
2022-03-10 10:32 - 2019-10-22 23:34 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-10 09:01 - 2021-11-08 08:17 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-09 17:15 - 2021-08-21 10:19 - 000000000 ____D C:\Users\jirik\Documents\SB RED files
2022-03-09 17:09 - 2021-08-21 10:19 - 000000000 ____D C:\Users\jirik\Documents\Shikun
2022-03-09 15:44 - 2022-01-20 17:13 - 004194305 _____ C:\WINDOWS\SysWOW64\lil.log.old
2022-03-01 00:36 - 2021-06-21 16:55 - 000504136 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-01 00:36 - 2021-06-21 16:55 - 000491848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-24 07:11 - 2019-10-22 23:35 - 000000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories ========

2021-10-06 08:00 - 2021-10-06 08:00 - 000007601 _____ () C:\Users\jirik\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-03-14 11:09
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by jirik (22-03-2022 11:54:05)
Running from C:\Users\jirik\Desktop
Microsoft Windows 11 Pro Version 21H2 22000.556 (X64) (2021-10-05 22:22:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1664701216-379068115-2624813269-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1664701216-379068115-2624813269-503 - Limited - Disabled)
Guest (S-1-5-21-1664701216-379068115-2624813269-501 - Limited - Disabled)
jirik (S-1-5-21-1664701216-379068115-2624813269-1001 - Administrator - Enabled) => C:\Users\jirik
WDAGUtilityAccount (S-1-5-21-1664701216-379068115-2624813269-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Aplikácie Microsoft 365 pre veľké organizácie - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.14931.20132 - Microsoft Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.61.1 - Asmedia Technology)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 22.1.11664.6516 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.2.6003 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.16.5987.3798 - Avast Software)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1188.1 - AVG Technologies) Hidden
DefaultPackMSI (HKLM-x32\...\{D066B018-448B-40C5-9034-259BBCC49351}) (Version: 4.6.2.0 - Microsoft) Hidden
Dell 2155 Color MFP Scanner Driver (HKLM-x32\...\{40989F6C-18D8-4EE1-9B79-3D6FD2893EE9}) (Version: 1.0.2.2 - Dell Inc.)
Dell Command | Monitor (HKLM\...\{91E79414-DB41-4030-9A13-E133EE30F1D5}) (Version: 10.6.0.150 - Dell Inc.)
Dell Command | Update for Windows Universal (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.4.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{3C37C528-723A-4CA5-A867-AADF00DC0C06}) (Version: 5.8.30.51 - Broadcom Limited)
Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.)
Dell PointStick Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.307 - ALPS ELECTRIC CO., LTD.)
Dell Printer Software (HKLM-x32\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell Inc.)
Dell SupportAssist (HKLM\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.)
dch_setup (HKLM-x32\...\{0A5C4FC7-C229-464C-A042-1DB2352152B6}) (Version: 1.47.0.0 - elrazdah) Hidden
Documentation Manager (HKLM\...\{885E5716-698F-47E6-9ABD-87260B6C80F7}) (Version: 21.80.2.1 - Intel Corporation) Hidden
Documentation Manager (HKLM\...\{E6D708BA-9130-4926-AA3E-AEBB5DE1E60B}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eObčanka (HKLM\...\{45F6BE7F-4C79-4E99-A6C8-63919DFF6F87}) (Version: 3.1.1.19123 - MONET+, a.s. pro Ministerstvo vnitra České republiky)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.82 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{24ED9BA6-04C1-4F09-AB37-A7DC5ECDE6ED}) (Version: 22.1.8.8 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{124d91b2-2d97-4cc4-9ee7-2d2182a0884a}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{18b616d9-4adb-4666-82ce-a8a4337bd269}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{2028abfa-7954-482c-a38b-3d1f1dbbdfcf}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{2e312ef6-e0d3-4dc4-bce3-1fc8264ddb12}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{3772486f-d832-4cf7-b6f6-ba5d4d746da6}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{48d1bf71-f60f-4827-b977-16efdbae0c7a}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{8a13c1a0-15ca-4939-92ea-9a745169ba28}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{9454a0e6-0762-48ec-b153-2a75b252d1fb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{a3052cfa-e19e-4092-a8e5-264f6d84442c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b0307f85-280a-491f-8f69-4678e4100558}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{bd73e01d-c055-4533-8bc3-1f9489e66168}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{c49f9463-8ca3-4422-82b0-c06c7a9640ed}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{ee09a6a7-c9c8-43cf-a6c0-ec07b3567e5b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{fb198756-7be7-4730-8f2e-282d5e71e412}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2020.7 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002110-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.110.2.1 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{5604a897-b259-42f9-80fa-d71081fad4a6}) (Version: 22.1.8.8 - Intel)
Intel® Software Installer (HKLM-x32\...\{094650cc-6461-47bb-96c0-4ec910a08b94}) (Version: 22.110.1.1 - Intel Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - hu-hu (HKLM\...\O365HomePremRetail - hu-hu) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\OneDriveSetup.exe) (Version: 22.050.0306.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Search in Bing (HKLM-x32\...\{C17F6DEF-D34C-4B75-97E1-D81062408B4A}) (Version: 2.0.2 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\Teams) (Version: 1.5.00.5967 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM-x32\...\{d2f91fed-8a18-4071-b8d3-22606fa9a9f6}) (Version: 3.1.23.31022 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.15 (x64) (HKLM-x32\...\{1e198010-5aa4-4fa4-b886-a31eb45f4661}) (Version: 5.0.15.31016 - Microsoft Corporation)
Nagyvállalati Microsoft 365-alkalmazások - hu-hu (HKLM\...\O365ProPlusRetail - hu-hu) (Version: 16.0.14931.20132 - Microsoft Corporation)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 511.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.79 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
PDFsam Basic (HKLM\...\{7784962D-70CC-4C26-B020-FF05D4280846}) (Version: 4.2.2.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 7 (HKLM-x32\...\PDFsam Enhanced 7) (Version: 7.0.49.2295 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 7 Edit Module (HKLM\...\{63380AAA-0783-42BC-B807-471E0BC00907}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PDFsam Enhanced 7 OCR Module (HKLM\...\{5D758ECE-77BA-400F-8F4C-42C93BEA6C1D}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PDFsam Enhanced 7 View Module (HKLM\...\{A1DD96C4-2ADF-4A7E-AA8B-D9362106B553}) (Version: 7.0.70.15196 - Andrea Vacondio) Hidden
PowerToys (Preview) (HKLM\...\{76DF3D62-A29E-4060-87DC-EA8B4A78FA62}) (Version: 0.55.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{ad2fbc9a-2620-48c9-a9a2-3f7da9490620}) (Version: 0.55.0 - Microsoft Corporation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9228.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2299 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.48.914.2021 - Realtek)
reMarkable (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\reMarkable) (Version: 2.12.1 - reMarkable)
rM2 Template Helper (HKLM-x32\...\{3D58910F-6BC2-4105-B6B4-DE4FEA1761BC}) (Version: 1.0.0 - freeremarkabletools.com) Hidden
rM2 Template Helper and Custom Screens (HKLM-x32\...\rM2 Template Helper 1.0.0) (Version: 1.0.0 - freeremarkabletools.com)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Samsung DeX (HKLM-x32\...\{43409A91-7C1A-4D28-B628-AD78F09DA3F0}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{a306c372-6ec4-43f0-b372-b1de15b0e935}) (Version: 2.4.0.27 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.46.0 - Samsung Electronics Co., Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0093 - ST Microelectronics)
ST Microelectronics 3 Axis Digital Accelerometer Solution version 4.10.0104 (HKLM\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}_is1) (Version: 4.10.0104 - ST Microelectronics)
STORMWARE POHODA Klient CZ Komplet (HKLM-x32\...\{5F510E0B-E5D1-4DA1-B61D-4BC90D23828C}) (Version: 12500.181 - STORMWARE)
STORMWARE POHODA Klient CZ Komplet (HKLM-x32\...\{E6E1B035-4E22-4B17-8D99-2EBDEEBFF7F8}) (Version: 12804.4 - STORMWARE)
TbtLegacyPlug (HKLM-x32\...\{488D2737-A8BE-4F2A-8A9B-AEFF2DB8833F}) (Version: 18.0.0.0 - elrazdah) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.24.5 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{6653e751-8a5d-4ba0-b13d-c3a212e9cd67}) (Version: 1.47.0.0 - Intel(R) Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\WhatsApp) (Version: 2.2208.14 - WhatsApp)
WiFi Password Revealer (HKLM-x32\...\WiFi Password Revealer_is1) (Version: 1.0.0.13 - Magical Jelly Bean)
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
ZPS 19 CZ v.19.2004.2.245 - 04.05.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2004.2.245 - 04.05.2020) (Version: v.19.2004.2.245 - 04.05.2020 - Libbi)

Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2021-11-08] (Canon Inc.)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.4.18.0_x86__htrsf667h5kn2 [2021-11-04] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2022-03-22] (Dell Inc)
Dell Document Hub -> C:\Program Files\WindowsApps\DellPrinter.DellDocumentHub_1.7.0.6_x64__nmdn7k89bxsn6 [2021-09-29] (DELL GLOBAL B.V. (SINGAPORE BRANCH))
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.27.0_x64__rp6h1c31mfy1y [2021-12-29] (STMICROELECTRONICS S.R.L.)
Dell PointStick -> C:\Program Files\WindowsApps\cirquecorporation.dellpointstick_10.3.1.0_x64__kjn5yvbh8sxt4 [2021-08-15] (Cirque Corporation)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2021-11-09] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2022-01-31] (Dell Inc)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2116.0.159.0_x64__8j3eq9eme6ctt [2022-03-22] (INTEL CORP) [Startup Task]
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt [2022-03-22] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1024.0_x64__8j3eq9eme6ctt [2022-02-10] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1420.6.106.0_x64__8xx8rvfyw5nnt [2022-03-02] (Facebook Inc) [Startup Task]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-02-28] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-11-04] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-14] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.3129.0_x64__8wekyb3d8bbwe [2022-02-22] (Microsoft Corporation) [Startup Task]
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2022-01-28] (Ricoh Company, Ltd.)
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.34.0_x64__8j3eq9eme6ctt [2021-11-04] (INTEL CORP)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2021-08-15] (Waves Audio)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2208.14.0_x64__cv1g1gvanyjgm [2022-03-22] (WhatsApp Inc.)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2021.1011.703.66_neutral__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-03-17] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{04271989-C4D2-07B5-E5A9-CCE76A6F03B0} -> [OneDrive - CZECH HOME CAPITAL Services, s.r.o] => C:\Users\jirik\OneDrive - CZECH HOME CAPITAL Services, s.r.o [2021-08-21 11:27]
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{04271989-C4D2-52C0-35FB-9D3B27E996B2} -> [CZECH HOME CAPITAL Services, s.r.o] => C:\Users\jirik\CZECH HOME CAPITAL Services, s.r.o [2021-08-21 11:01]
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{07665729-6243-4746-95b7-79579308d1b2}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.PdfPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\jirik\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22026.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{36B27788-A8BB-4698-A756-DF9F11F64F84}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{45769bcc-e8fd-42d0-947e-02beef77a1f5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{8BC8AFC2-4E7C-4695-818E-8C1FFDCEA2AF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{afbd5a44-2520-4ae0-9224-6cfce8fe4400}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{BCC13D15-9720-4CC4-8371-EA74A274741E}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.PdfThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{BFEE99B4-B74D-4348-BCA5-E757029647FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProvider.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{dd5cacda-7c2e-4997-a62a-04a597b58f76}\localserver32 -> "C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{ddee2b8a-6807-48a6-bb20-2338174ff779}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1664701216-379068115-2624813269-1001_Classes\CLSID\{ec52dea8-7c9f-4130-a77b-1737d0418507}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandler.comhost.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [PDFsamEnhanced7_ManagerExt] -> {91D6DCFE-A19D-41CC-8940-46C21D26CF83} => C:\Program Files\PDFsam Enhanced 7\context-menu.dll [2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b31ddd6f2a24807e\OptaneShellExt.dll [2021-02-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2022-01-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_07d057a43ab2de16\nvshext.dll [2022-02-10] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-03-17] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-22 07:31 - 2021-04-22 07:31 - 005745664 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2020-07-09 06:49 - 2010-06-29 14:22 - 000373760 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006S.DLL
2021-12-06 08:04 - 2021-12-06 08:04 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3407.0_x64__8j3eq9eme6ctt\IGCC.dll
2019-10-22 23:38 - 2019-10-22 23:38 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2019-10-22 23:38 - 2019-10-22 23:38 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-10-22 23:38 - 2019-10-22 23:38 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2022-02-24 07:54 - 2022-02-24 07:54 - 003864576 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\1cf4295c15101db684576474e0b8a99d\Newtonsoft.Json.ni.dll
2021-05-21 07:12 - 2021-05-21 07:12 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2022-02-24 07:54 - 2022-02-24 07:54 - 000591872 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Serilog\c5f5b1ce40f1785c7ad7a84a7ff7e70f\Serilog.ni.dll
2022-02-18 07:59 - 2022-02-18 07:59 - 000104448 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Serilog.Sinks.File\1aba4bb2e66d08a62a8dbeaeffcff650\Serilog.Sinks.File.ni.dll
2022-02-18 07:59 - 2022-02-18 07:59 - 000782336 _____ (Serilog Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Serilog\f4e7647fa7b084281b743da93735b0f1\Serilog.ni.dll
2020-06-30 14:37 - 2020-06-30 14:37 - 000460288 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 7\libcurl.dll
2020-05-12 10:52 - 2018-09-27 13:20 - 000090112 _____ (Xerox Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\x5print.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1664701216-379068115-2624813269-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1664701216-379068115-2624813269-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> DefaultScope {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-03-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz
IE trusted site: HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\sharepoint.com -> hxxps://czhomecapital-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-05-25 08:45 - 000000859 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com

2020-05-11 19:49 - 2020-10-18 13:27 - 000000509 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1664701216-379068115-2624813269-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jirik\Pictures\PlWDsd.jpg
HKU\S-1-5-21-1664701216-379068115-2624813269-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AVG Secure VPN.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "CNAP3 Launcher"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\Run: => "Samsung DeX"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1664701216-379068115-2624813269-500\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{67980830-AA5A-4ECB-8532-E56BC0476F91}C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D503EAEE-F962-4DA3-9487-9B10004B6209}C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jirik\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72F795B0-D6B6-4DE0-89E0-D2438AD825E6}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{1689BB4D-6CB4-4468-A4E6-59A5CDEDDFD7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{5750731D-D068-43EC-85E8-08D094417EBF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{36EB50B5-747D-4645-9120-B5EA641B0A1A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C068F240-EE20-4261-A0DE-DE4B73D0FADD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7CEE3769-1E66-43DA-9877-BF8DADA81F16}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B66A3B1C-8C48-4629-9F26-813DAC9C97AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B18D7152-4CC5-475A-B805-38E0A937312D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{918DD0C7-E638-4202-A0A5-A74B782CA410}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Software 2000 Limited) [File not signed]
FirewallRules: [{CC1B9AEE-D46D-4556-8E6A-7275473F9D85}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Software 2000 Limited) [File not signed]
FirewallRules: [{332839C6-6673-4894-993E-4BE7CA2F67D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{0760B7A5-498C-49F7-896C-35D25BBBC8E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{789006B1-1283-4748-9798-26130C859BE0}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [UDP Query User{2E4D4556-928A-4693-990E-4B92235ECD71}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [TCP Query User{3C1B8618-6D69-4623-AE90-F636320B33AA}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [UDP Query User{847F5FEB-938E-43A8-8E73-6B2F24E8DB4A}C:\program files (x86)\remarkable\remarkable.exe] => (Allow) C:\program files (x86)\remarkable\remarkable.exe (reMarkable) [File not signed]
FirewallRules: [{61D57555-5D9F-4EEE-B1AF-EC34CF46466A}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2CF7C2F1-76C3-4661-A657-C2E82B09DF05}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{70A9A759-1A2C-46FF-AECE-4970D01F796C}] => (Allow) C:\Users\jirik\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B9A14284-E0DC-4754-B0D2-456AFB2DEB8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{929BD1FD-B140-4A2A-B5FF-C7644E0CD0B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{026CEB0A-E5C6-47C8-A216-52A652322674}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB862ABD-C445-418D-B27C-661E804F7A4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F3AF721-16A7-40AF-8D8E-8D1EDF8383F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A57C9D83-E6C8-4A08-8767-284DF79AD0DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56B3F8E5-A1E1-47AC-8EF5-6ACE5ED748DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FF978E91-15ED-4FA7-927E-24B7B340B847}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0047F015-DEF8-4BF1-B026-C3841CB072DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0E4DD107-D54D-43F2-8316-634151FAC938}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2CC4F186-2E16-432C-AAFC-FF140602E5C7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{83B13197-DFE9-461D-AC13-F619FA23C703}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5F9CCEF7-38E8-4E88-9B84-39B68F9401CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E7EB86C9-8F3A-4FB3-819F-ABC9224DBA56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2224B638-BC96-4EBD-B8B7-8623FD1B4094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{414859D6-D7FB-4011-8950-1AB121F02006}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E070CCFB-C935-4660-BE98-075FDE68A953}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{281D0455-CAE5-439D-A2D4-01ABF17FAB52}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{F70F1B93-C72B-419E-8719-18F0648FB69A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C77EDD6A-340A-4A6C-AF37-B1D40BFA69AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BD23CA1-D848-4E4A-B16F-A8CA4EF04B50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{403CEBAB-E478-45F7-92C4-B3729928F991}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CF94EC02-849C-4F0D-BB5E-FBCC66AAA321}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E2C0215-3FA2-42D3-89F0-B29C9684DD74}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0745D3C8-1B5B-442C-9116-F6A5E83AED17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{886FE31B-DAAD-43C1-A0D9-9234BA420839}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A4C97EF-7C8A-4152-B67D-9AFF55DEC666}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DB0CA9F-500E-4708-895E-7CF07FE80F67}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85A36E87-E785-41B4-ABE0-2345CBF4E825}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A2C263F3-F49A-42C3-AA35-5EAB8167EDE8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7442CC5B-B144-49F3-8A93-74868B411DDF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22055.502.1226.2344_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EEF0D0F-1D40-47C1-AC72-DB712EEFE85D}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C87A2016-AC54-40AB-B110-17BE64D75418}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{52B28FB4-1E3D-4349-9E2D-F88A1C9B896B}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F4718ECC-95F8-4FA3-B9C4-F917AB472BC8}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{463E310C-EC0E-49B7-9D99-31762614544A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B94B209F-582A-4884-A600-CB730ED365D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8D77C66E-9A84-4C5A-BC71-8F62B965D55D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89096EF6-FEA6-4284-93F5-9C9ABB9A9A37}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{67BA7FE0-E5D9-42BE-8AEF-8A0E2AA1FFCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B085439-A32D-4992-BDFD-B748F508B071}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39E55338-211D-4B0D-93C5-4BA61F531474}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADEE13D2-3454-4193-B83D-29297146B9F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5B6ACEBF-5A2F-4F82-B039-B975785AD734}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D8103AA6-8352-49C5-9FE3-AA40D0519A03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAA9CB5C-8E28-4040-8AC4-042C09C81509}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F20B4F2-CE45-4705-9AC5-B3C430F05AA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18F30A3D-6097-4315-ADEF-592F03B6C172}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B87A989-75F1-4DAF-AC79-A5EADF353A77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

22-03-2022 10:00:24 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2022 04:44:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DellCommandUpdate.exe, version: 4.4.0.18, time stamp: 0x61657fe9
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff95a888129
Faulting process id: 0x146c
Faulting application start time: 0x01d83adf055b9b23
Faulting application path: C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.4.18.0_x86__htrsf667h5kn2\DCU.Classic\DellCommandUpdate.exe
Faulting module path: unknown
Report Id: f18a0847-efec-462e-b4a0-6a78d517d68f
Faulting package full name: DellInc.DellCommandUpdate_4.4.18.0_x86__htrsf667h5kn2
Faulting package-relative application ID: xC127EC8377A94AB49B6B084C44082B2Fx

Error: (03/18/2022 04:44:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DellCommandUpdate.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at Dell.DCU.App..ctor()
at Dell.DCU.App.Main()

Error: (03/18/2022 11:18:32 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, PID: 6816, ProfSvc PID: 1988.

Error: (03/18/2022 11:18:32 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, PID: 6816, ProfSvc PID: 1988.

Error: (03/17/2022 02:18:51 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:18:50 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:17:32 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.

Error: (03/17/2022 02:17:32 PM) (Source: MsiInstaller) (EventID: 11606) (User: KLICKADELL)
Description: Produkt: STORMWARE POHODA Klient CZ - Chyba 1606. Nelze získat přístup k umístění v síti \\192.168.33.3\POHODA.


System errors:
=============
Error: (03/22/2022 08:52:32 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E7CA5F04-A2AC-4010-AB60-1506A47D728F} because another computer on the network has the same name. The server could not start.

Error: (03/22/2022 08:52:22 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #3, {737084e5-037e-4e66-8793-b0ab43310c31}, had event 74

Error: (03/20/2022 07:57:27 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E7CA5F04-A2AC-4010-AB60-1506A47D728F} because another computer on the network has the same name. The server could not start.

Error: (03/20/2022 07:56:59 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport USB3-0-to-Multi-Function-Adapter, {4b130dab-321a-4041-b525-8add95e0427b}, had event 73

Error: (03/20/2022 07:56:58 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #3, {737084e5-037e-4e66-8793-b0ab43310c31}, had event 74

Error: (03/19/2022 07:21:36 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B130DAB-321A-4041-B525-8ADD95E0427B} because another computer on the network has the same name. The server could not start.

Error: (03/19/2022 07:21:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E7CA5F04-A2AC-4010-AB60-1506A47D728F} because another computer on the network has the same name. The server could not start.

Error: (03/19/2022 07:07:42 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4B130DAB-321A-4041-B525-8ADD95E0427B} because another computer on the network has the same name. The server could not start.


Windows Defender:
================Event[0]

Date: 2022-03-17 14:32:22
Description:
Funkce Ochrana v reálném čase u prohledávání Microsoft Defender Antivirus zjistila chybu a došlo k jejímu selhání.
Funkce: On Access
Kód chyby: 0x8007043c
Popis chyby: This service cannot be started in Safe Mode
Důvod: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-03-17 14:31:34
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.616.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2022-03-17 14:31:34
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.616.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2021-11-07 12:19:13
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.576.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2022-03-22 08:53:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.46\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-03-20 19:57:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\99.0.1150.39\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.17.0 12/08/2021
Motherboard: Dell Inc. 0Y8H01
Processor: Intel(R) Core(TM) i5-9400H CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 32550.16 MB
Available physical RAM: 18089.5 MB
Total Virtual: 37414.16 MB
Available Virtual: 22208.66 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:236.7 GB) (Free:39.41 GB) NTFS
Drive d: (data) (Fixed) (Total:715.41 GB) (Free:714.39 GB) NTFS

\\?\Volume{da98eb80-8faf-4fca-a912-433578d20155}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.25 GB) NTFS
\\?\Volume{089256a1-b47e-4c20-b26e-d0fe6349a5ee}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.6 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Re: prosba preventivní kontrola

Napsal: 22 bře 2022 13:13
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9653903F-7F36-4592-86A4-CDB77AF0EC76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {F59760A0-6004-43FD-A1BB-2B125C319D12} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
CContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> DefaultScope {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
FirewallRules: [{5F9CCEF7-38E8-4E88-9B84-39B68F9401CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E7EB86C9-8F3A-4FB3-819F-ABC9224DBA56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2224B638-BC96-4EBD-B8B7-8623FD1B4094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{414859D6-D7FB-4011-8950-1AB121F02006}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: prosba preventivní kontrola

Napsal: 23 bře 2022 08:16
od Dzura
akce provedena. Fixlog viz níže. Bylo tam vidět něco, čemu se v budoucnu vyhnout, aby se problém se zatíženým systémem neopakoval? Děkuji

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-03-2022
Ran by jirik (23-03-2022 08:00:06) Run:1
Running from C:\Users\jirik\Desktop
Loaded Profiles: jirik & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9653903F-7F36-4592-86A4-CDB77AF0EC76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {F59760A0-6004-43FD-A1BB-2B125C319D12} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
CContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> DefaultScope {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
SearchScopes: HKU\S-1-5-21-1664701216-379068115-2624813269-1001 -> {16CE290B-F459-401D-B46F-B8E98FCE9D58} URL =
FirewallRules: [{5F9CCEF7-38E8-4E88-9B84-39B68F9401CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E7EB86C9-8F3A-4FB3-819F-ABC9224DBA56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2224B638-BC96-4EBD-B8B7-8623FD1B4094}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{414859D6-D7FB-4011-8950-1AB121F02006}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9653903F-7F36-4592-86A4-CDB77AF0EC76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9653903F-7F36-4592-86A4-CDB77AF0EC76}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC18D0C-BF4C-4968-A48A-DFFEA99D3C9C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F59760A0-6004-43FD-A1BB-2B125C319D12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F59760A0-6004-43FD-A1BB-2B125C319D12}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Long-Term Docs Signer => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ESET Security Shell => removed successfully
"HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1664701216-379068115-2624813269-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16CE290B-F459-401D-B46F-B8E98FCE9D58} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F9CCEF7-38E8-4E88-9B84-39B68F9401CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E7EB86C9-8F3A-4FB3-819F-ABC9224DBA56}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2224B638-BC96-4EBD-B8B7-8623FD1B4094}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{414859D6-D7FB-4011-8950-1AB121F02006}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6553600 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12310267 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 47688531 B
Edge => 0 B
Chrome => 7224221119 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
jiri_k => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 611342 B
NetworkService => 617998 B
jirik => 1105667224 B
Administrator => 1108274258 B
jiri.klicka => 1108274258 B

RecycleBin => 216106 B
EmptyTemp: => 9.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-03-2022 08:13:56)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 08:13:56 ====

Re: prosba preventivní kontrola

Napsal: 23 bře 2022 10:36
od Rudy
Smazáno. Nastala nějaká změna?

Re: prosba preventivní kontrola

Napsal: 23 bře 2022 12:27
od Dzura
Pocitově tam nějaké zlepšení je, že počítač tolik nefuní. Každopádně po vymazání ubylo několik GB ze systémového disku C:, spustilo se velké zatížení ntb a v realnem čase během pár sekund tak těch pár několik GB bylo načteno zpět.
OneDrive v průzkumníku stále velice pomalý bez změny
V Task Manageru nyní největší zatížení procesoru služba Windows Search viz příloha.
Zkusím pár týdnů testovat a kdyžtak budu muset zkusit něco razantnějšího

Každopádně děkuji za pomoc

Re: prosba preventivní kontrola

Napsal: 23 bře 2022 13:34
od Rudy
Můžete zkusit otevřít msconfig:
Přík. řádek>(napsat) msconfig>odentrovat
Na záložce "Po spuštění" a "Služby" odstranit zatžítka u všech ne-microsoftích položek s vyjímkou antiviru a ovladačů. Nastavení uložte a restartujte.