VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by linco (administrator) on DESKTOP-J0PJPO6 (ASUSTeK COMPUTER INC. FX502VE) (05-01-2023 18:18:20)
Running from C:\Users\linco\OneDrive\Počítač
Loaded Profiles: linco
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxEM.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gaijin Network LTD -> Gaijin) C:\Users\linco\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_22dff82e7da0099b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_e3bf6f587f5b65de\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [291080 2022-12-14] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4246376 2022-12-15] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2022-12-12] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [61736 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: CNMLMAD.DLL (No File)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\Windows\system32\ssm4mlm.dll [40744 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
GroupPolicy-Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A86EF8-14C6-4B61-8761-5004BFD5CBA9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "898fcde7-98a2-4c5c-adb8-abf5fcde5749" --version "6.07.10191" --silent
Task: {090329F7-F04C-4A77-A966-0A444ABF7D0F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0C280250-8E93-40F4-A619-6FB02D07C7BE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {0D4FFF2D-9A82-4983-9D66-82F740EA0894} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\linco\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {188876BF-EDEE-4E8A-9387-CE265DA9046E} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2478776 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2564D4DF-C850-4D58-9434-90FCAFD96E67} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {2F7A832B-A73B-4666-A1B5-075270A68845} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {36535DC6-14B1-42EB-A962-BD22196A1949} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {385AB60D-37E4-4AC8-ACCF-E84849EC9B32} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3464168 2022-11-09] (Intel Corporation -> Intel Corporation)
Task: {42D5785A-35ED-43AA-AFA0-D6A8E6793A5A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4FE10946-A7FF-4118-B9A9-310A4EB98032} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [153808 2021-09-29] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {5DF0EA91-1CD4-40B0-AE06-8450FA1B0C3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5E10F1B0-A066-4F8E-9881-8E7926C848CF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {669BA5FE-B7DF-4A9D-AF12-4A8603F3A1D5} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [61752 2016-08-19] (GENESYS LOGIC, INC. -> )
Task: {6A1DF42B-4775-4EE1-A55F-94814F1C2EF9} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\linco\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {8FD46559-9889-42C0-AC8A-758A322F650D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2298117505-976418258-3832342613-1001 => C:\Users\linco\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (No File)
Task: {93E5DDC2-0730-48D3-9F5F-751A72A2C9CA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {95B6C707-EEC3-4992-9DAE-1C9189872243} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9AC3B822-A126-4F56-8768-F12E5685B199} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-13] (Adobe Inc. -> Adobe)
Task: {9DE4561B-12A2-4861-B70D-80355F153286} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {A7F1E3F2-3760-4EA8-BFC7-C29A70DC1C9C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {AEB63488-B184-44F6-9A95-2FD682825BE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B1E4C34C-580C-4944-BA9E-50CE647375F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CBC692EC-F12A-443F-A784-DC3CD736B5AD} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3464168 2022-11-09] (Intel Corporation -> Intel Corporation)
Task: {CC41892C-860D-4898-A9DB-8C98DC996881} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {CE69C94C-3EE0-43CE-8062-E5DB9E5F434B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE7E4C26-C67F-4AC4-A77F-1D1481D9BC41} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D7A4511D-C355-4502-8BF3-3294F6B86E82} - System32\Tasks\CCleanerSkipUAC - linco => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E3F8E3D2-99AC-4850-A4D4-84376441F34F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {EE2CBA86-6B46-46DB-9ECF-21D78966C338} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
Task: {F6A95E1B-B8E1-49FB-A8FF-64FE721030E6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD275040-5945-4298-8529-5E07DD7AE2BA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83
Tcpip\..\Interfaces\{9272e2bf-6bd5-1513-a95c-605fd4c46776}: [NameServer] 103.86.96.100,103.86.99.100
Tcpip\..\Interfaces\{cb788683-62bb-49bd-a2bd-8c95f035c6d8}: [DhcpNameServer] 193.162.153.164 194.239.134.83
Tcpip\..\Interfaces\{ce166e0c-1abd-4573-a63b-a0ac72c5ca8a}: [DhcpNameServer] 10.66.0.1

FireFox:
========
FF DefaultProfile: zlodulmp.default-1666245238037
FF ProfilePath: C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037 [2023-01-05]
FF Session Restore: Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037 -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\adblockultimate@adblockultimate.net.xpi [2022-10-20]
FF Extension: (To Google Translate) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-10-23]
FF Extension: (Avast Passwords) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2022-10-20] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\langpack-sk@firefox.mozilla.org.xpi [2023-01-05]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\sp@avast.com.xpi [2022-10-20]
FF Extension: (Avast Online Security & Privacy) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\wrc@avast.com.xpi [2022-11-16]
FF Extension: (Plná Peňaženka Líštička Lite) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\zlodulmp.default-1666245238037\Extensions\{5f383f45-0de3-43b3-838c-ea98916167e3}.xpi [2022-11-17]
FF HKLM\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Extension: (CHIP Sparalarm) - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi [2019-09-11]
FF HKLM-x32\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-13] (Adobe Inc. -> Adobe)
R2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2038168 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42248 2022-12-14] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [207624 2022-12-14] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-22] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-11-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-11] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15110968 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e3bf6f587f5b65de\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e3bf6f587f5b65de\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695496 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [136688 2021-12-02] (GENESYS LOGIC, INC. -> Genesys Logic)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_skl.inf_amd64_363c7132639e12a6\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 NDivert; C:\Program Files\NordVPN\7.3.9.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-02] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2022-03-13] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-30 08:04 - 2022-12-30 08:04 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2022-12-21 13:29 - 2022-12-21 13:29 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2022-12-20 10:34 - 2022-12-20 10:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-20 08:40 - 2022-12-20 08:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2022-12-20 08:40 - 2022-12-20 08:40 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2022-12-20 08:40 - 2022-12-20 08:40 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2022-12-20 08:40 - 2022-02-24 03:56 - 000716136 _____ (Samsung Electronics) C:\WINDOWS\system32\eed_sl.exe
2022-12-20 08:40 - 2022-02-24 03:56 - 000184192 _____ (SS) C:\WINDOWS\system32\ssm4mci.exe
2022-12-20 08:40 - 2022-02-24 03:45 - 000000273 _____ C:\WINDOWS\system32\eed_sl.exe.config
2022-12-20 08:39 - 2022-12-20 08:40 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-12-20 08:39 - 2015-06-10 18:48 - 000094208 ____N C:\WINDOWS\SysWOW64\ssdevm.dll
2022-12-20 08:39 - 2015-06-10 18:48 - 000087552 ____N C:\WINDOWS\system32\ssdevm64.dll
2022-12-20 08:20 - 2022-12-20 08:20 - 000000000 ____D C:\WINDOWS\system32\spool\prtprocs\x64\1
2022-12-19 17:57 - 2022-12-21 13:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-16 15:40 - 2022-12-16 15:40 - 000001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-12-14 09:22 - 2022-12-14 09:22 - 000000000 ___HD C:\$WinREAgent
2022-12-11 23:25 - 2022-12-11 23:25 - 000000000 ____D C:\ProgramData\FileOpen
2022-12-11 22:24 - 2022-12-11 11:00 - 039126001 _____ C:\Users\linco\OneDrive\Dokumenty\Video WhatsApp 2022-12-11 o 10.47.19.mp4
2022-12-08 23:27 - 2022-12-06 21:49 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-12-08 23:27 - 2022-12-06 21:49 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-12-08 23:27 - 2022-12-06 21:49 - 001642568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-12-08 23:27 - 2022-12-06 21:49 - 001642568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-12-08 23:27 - 2022-12-06 21:49 - 001487352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-12-08 23:27 - 2022-12-06 21:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-12-08 23:27 - 2022-12-06 21:49 - 001444424 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-12-08 23:27 - 2022-12-06 21:49 - 001226744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-12-08 23:27 - 2022-12-06 21:49 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-12-08 23:27 - 2022-12-06 21:49 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-12-08 23:27 - 2022-12-06 21:44 - 000851448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-12-08 23:27 - 2022-12-06 21:44 - 000672760 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-12-08 23:27 - 2022-12-06 21:44 - 000507408 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 002163712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 001619432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 001532456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 001191912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 000949784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-12-08 23:27 - 2022-12-06 21:43 - 000738344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-12-08 23:27 - 2022-12-06 21:43 - 000734720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 012453400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 010220584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 005891072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 005857328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 003334656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-12-08 23:27 - 2022-12-06 21:42 - 000458280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-12-08 23:27 - 2022-12-06 21:41 - 005817880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-12-08 23:27 - 2022-12-06 05:54 - 000100741 _____ C:\WINDOWS\system32\nvinfo.pb
2022-12-08 23:26 - 2022-12-06 21:41 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-12-08 23:26 - 2022-12-06 21:39 - 006514432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-12-07 01:26 - 2022-12-07 01:26 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-12-06 20:25 - 2022-12-06 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-12-06 20:20 - 2022-12-06 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-05 18:18 - 2020-08-22 13:05 - 000000000 ____D C:\FRST
2023-01-05 18:17 - 2022-11-16 16:52 - 000000000 ____D C:\Program Files (x86)\Steam
2023-01-05 18:17 - 2018-09-15 20:01 - 000000000 ____D C:\Users\linco\AppData\LocalLow\Mozilla
2023-01-05 18:16 - 2018-09-15 20:01 - 000000000 ____D C:\Users\linco\AppData\Local\AVAST Software
2023-01-05 18:14 - 2022-11-16 21:32 - 000000000 ____D C:\Users\linco\AppData\Roaming\EasyAntiCheat
2023-01-05 18:13 - 2018-09-16 08:56 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-05 18:13 - 2018-09-15 21:08 - 000000000 ____D C:\Program Files\CCleaner
2023-01-05 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-05 17:45 - 2022-12-02 10:18 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-01-05 17:45 - 2022-12-01 23:17 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-01-05 17:45 - 2022-09-20 18:29 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-05 17:45 - 2022-09-20 18:29 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-05 17:45 - 2022-08-21 22:08 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-01-05 17:45 - 2022-08-21 22:08 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-01-05 17:45 - 2021-08-18 20:32 - 000002252 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - linco
2023-01-05 17:45 - 2020-06-20 22:03 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-05 17:45 - 2020-06-20 22:03 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-01-05 17:45 - 2020-06-20 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-01-05 17:33 - 2020-07-31 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-05 14:00 - 2022-02-08 17:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-05 12:18 - 2020-06-20 21:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-05 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-05 08:08 - 2018-09-15 19:55 - 000000000 __SHD C:\Users\linco\IntelGraphicsProfiles
2023-01-05 08:08 - 2017-07-04 19:03 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-04 18:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-04 11:52 - 2016-11-14 03:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-01-03 16:39 - 2020-06-20 22:01 - 002229564 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-03 16:39 - 2020-06-20 20:24 - 000460920 _____ C:\WINDOWS\system32\perfh006.dat
2023-01-03 16:39 - 2020-06-20 20:24 - 000081102 _____ C:\WINDOWS\system32\perfc006.dat
2023-01-03 16:39 - 2019-12-07 15:41 - 000709160 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-03 16:39 - 2019-12-07 15:41 - 000145492 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-03 16:35 - 2020-06-20 22:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-03 16:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-03 16:35 - 2018-09-15 19:59 - 000000000 ____D C:\ProgramData\AVAST Software
2023-01-03 16:35 - 2017-07-04 18:59 - 000000000 ___HD C:\Intel
2023-01-03 13:10 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-02 11:41 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-30 08:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-30 08:19 - 2018-09-20 09:59 - 000000000 ____D C:\Users\linco\AppData\Local\D3DSCache
2022-12-30 07:57 - 2017-07-04 18:59 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-21 13:29 - 2018-09-15 20:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-21 10:01 - 2017-07-04 19:00 - 000000000 ____D C:\Program Files (x86)\Intel
2022-12-21 09:51 - 2022-10-19 21:08 - 000000000 ____D C:\Users\linco\AppData\Local\NordVPN
2022-12-20 10:36 - 2022-10-19 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2022-12-20 10:36 - 2022-10-19 21:08 - 000000000 ____D C:\Program Files\NordVPN
2022-12-20 10:34 - 2018-09-19 19:11 - 000000000 ____D C:\Users\linco\AppData\Local\PlaceholderTileLogoFolder
2022-12-20 10:34 - 2018-09-15 20:01 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-15 21:50 - 2022-11-20 17:50 - 000000000 ____D C:\Users\linco\AppData\Local\T2GP Launcher
2022-12-15 09:28 - 2020-06-20 22:03 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-12-14 09:31 - 2020-06-20 21:55 - 000651392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 09:30 - 2020-06-20 21:55 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 09:30 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 09:21 - 2022-08-21 22:08 - 000000000 ____D C:\Program Files\dotnet
2022-12-14 09:21 - 2018-09-16 13:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 09:19 - 2018-09-16 13:50 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-12 19:40 - 2021-09-21 17:09 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-12-08 23:49 - 2018-09-15 19:59 - 000000000 ____D C:\Users\linco\AppData\Local\NVIDIA
2022-12-07 01:26 - 2020-10-08 22:50 - 000267888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-12-07 01:26 - 2020-04-03 18:31 - 000555560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-12-07 01:26 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-07 01:26 - 2019-11-21 16:36 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000695496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000391272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000318456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000229208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000080376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-12-07 01:26 - 2019-11-21 16:36 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-12-06 21:39 - 2020-05-31 18:17 - 007645944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-12-06 20:28 - 2018-09-20 17:10 - 000000000 ____D C:\Users\linco\AppData\Local\CrashDumps
2022-12-06 20:04 - 2018-09-15 19:55 - 000000000 ____D C:\Users\linco\AppData\Local\Packages
2022-12-06 19:57 - 2022-11-28 20:29 - 000000000 ____D C:\Users\linco\AppData\Local\slack
2022-12-06 19:57 - 2022-02-24 19:11 - 000000000 ____D C:\Users\linco\AppData\Local\WhatsApp
2022-12-06 19:57 - 2020-12-23 10:05 - 000000000 ____D C:\Users\linco\AppData\Roaming\Slack
2022-12-06 19:57 - 2018-12-05 19:58 - 000000000 ____D C:\Users\linco\AppData\Roaming\WhatsApp
2022-12-06 19:57 - 2018-12-05 19:58 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp

==================== Files in the root of some directories ========

2020-11-13 14:22 - 2020-11-13 14:22 - 000000046 _____ () C:\Users\linco\AppData\Roaming\Camdata.ini
2020-11-13 14:22 - 2020-11-13 14:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamLayout.ini
2020-11-13 14:22 - 2020-11-13 14:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamShapes.ini
2020-11-13 14:22 - 2020-11-13 14:22 - 000004536 _____ () C:\Users\linco\AppData\Roaming\CamStudio.cfg
2018-09-15 19:58 - 2019-07-07 10:46 - 000000200 _____ () C:\Users\linco\AppData\Roaming\sp_data.sys
2020-11-13 14:20 - 2020-11-13 14:20 - 000000096 _____ () C:\Users\linco\AppData\Roaming\version2.xml
2020-12-01 10:07 - 2020-12-01 10:07 - 000415507 _____ () C:\Users\linco\AppData\Local\ars.cache
2020-12-01 10:08 - 2020-12-01 10:08 - 001139162 _____ () C:\Users\linco\AppData\Local\census.cache
2020-12-01 09:38 - 2020-12-01 09:38 - 000000036 _____ () C:\Users\linco\AppData\Local\housecall.guid.cache
2020-12-01 09:42 - 2020-12-01 09:42 - 000000010 _____ () C:\Users\linco\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by linco (05-01-2023 18:20:49)
Running from C:\Users\linco\OneDrive\Počítač
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2020-06-20 21:03:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2298117505-976418258-3832342613-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2298117505-976418258-3832342613-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2298117505-976418258-3832342613-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2298117505-976418258-3832342613-501 - Limited - Disabled)
linco (S-1-5-21-2298117505-976418258-3832342613-1001 - Administrator - Enabled) => C:\Users\linco
WDAGUtilityAccount (S-1-5-21-2298117505-976418258-3832342613-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Any Video Converter 7.1.6 (HKLM-x32\...\Any Video Converter) (Version: 7.1.6 - Anvsoft)
ASUS Battery Health Charging (HKLM-x32\...\{3A7E73B6-3A04-49ED-811E-CC39F7EA2E34}) (Version: 1.0.0002 - ASUS)
ASUS Input Configuration (HKLM-x32\...\{7DDF7571-64BD-4232-9729-20FF10CE6C62}) (Version: 1.0.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.16 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0051 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.32 - ICEpower a/s)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Blackmagic RAW Common Components (HKLM\...\{94C42023-ECF5-46E6-ACB4-2AED536B205D}) (Version: 2.2 - Blackmagic Design)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
FormatFactory 4.4.1.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.1.0 - Free Time)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.0.15250 - Foxit Software Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{CA7CA513-2531-4801-83C6-CF8FB6C8711A}) (Version: 4.5.1.1.1001 - Genesys Logic)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.2.301 - )
Intel Driver && Support Assistant (HKLM-x32\...\{E4EC6B50-5A65-41DD-AC35-E1839BF685E8}) (Version: 22.8.50.7 - Intel) Hidden
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.107.0 - Intel Security)
Intel(R) Computing Improvement Program (HKLM\...\{72C2F68E-D34A-4AD8-8006-44480EEBE60A}) (Version: 2.4.08989 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11002.3418 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{0a00b776-067b-45c6-996b-8a3360ee56a4}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{1fe0084f-3e2b-4ba9-a4a6-c33f56e7f886}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d8ebe554-4504-4ade-ada9-8617c4525581}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{177F3AF8-1D9D-4C47-AB82-69571F4630DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{DEDA24FF-BA95-42E7-B914-639D32515511}) (Version: 11.6.0.1035 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.5.1035 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{45F38D16-2016-4BF1-B7FD-011A2B7570F4}) (Version: 15.2.5.1035 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{AEDB97C8-18E1-4053-B7DD-B66E9531B207}) (Version: 30.100.1643.01 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000190-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.190.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ff7ef6db-5d66-4ebe-827f-09d6cea8ee1e}) (Version: 22.8.50.7 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{224CC1EA-2433-4106-81BA-5D5432B11744}) (Version: 19.30.0.0905 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{5815d801-d03c-4911-a46b-75a331ad7265}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
IrfanView 4.60 (64-bit) (HKLM\...\IrfanView64) (Version: 4.60 - Irfan Skiljan)
kdenlive (HKLM-x32\...\kdenlive) (Version: 21.12.2 - KDE e.V.)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{F72EB01C-8051-488C-AB30-848E38D3598B}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F29F6D90-52BF-4644-9F61-82EFF42A9268}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.33.32 - Mio Technology Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.29.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.1 (x64 en-US)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.160 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.3.9.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Grafický ovládač 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221102 - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.29 (28. 3. 2022) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Skype verzia 8.92 (HKLM-x32\...\Skype_is1) (Version: 8.92 - Skype Technologies S.A.)
sparalarm (HKLM-x32\...\{8571D985-3EF7-4188-BB5A-9FA20ED130B7}) (Version: 1.0.0.0 - Sparalarm)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.36.9 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Deployment Tools (HKLM-x32\...\{C4443D4E-AC00-CF0E-9519-C9111E83ADBB}) (Version: 10.1.17134.1 - Microsoft)
Windows Driver Package - ASUS (AsusHFilter) HIDClass (12/19/2016 1.0.0.2) (HKLM\...\EEDD19DDF3F0CA7CFA2F4C500D442DD1FEB434F6) (Version: 12/19/2016 1.0.0.2 - ASUS)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (09/23/2016 11.0.0.14) (HKLM\...\F95583A62AB902A3FC263F668380483F9E0113CD) (Version: 09/23/2016 11.0.0.14 - ASUS)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Kontrola stavu počítača (HKLM\...\{995C446A-850D-44EA-BB71-156C271D9428}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows Kontrola stavu počítača (HKLM\...\{B3A734C8-5FD7-40BD-B967-066E29E58EE1}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows PE x86 x64 (HKLM-x32\...\{346FC109-E9A8-2224-5726-843C7283E4F7}) (Version: 10.1.17134.1 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{64FF0563-D6F1-C8E4-56F8-F678D1158C58}) (Version: 10.1.17134.1 - Microsoft)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
ASUS ZenLink -> C:\Program Files\WindowsApps\B9ECED6F.ZenSync_1.0.7.0_x86__qmba6cd70vzyy [2022-12-05] (ASUSTeK COMPUTER INC.) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Bandicut Video Cutter -> C:\Program Files\WindowsApps\BandicamCompany.BandicutVideoCutterFree_3.15.1509.0_x64__4q7dvte5y4xn4 [2020-11-13] (Bandicam Company)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-09-15] (ASUSTeK COMPUTER INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-09-15] (ASUSTeK COMPUTER INC.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-08] (NVIDIA Corp.)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-15] (INTEL CORP) [Startup Task]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-09-20] (Samsung Electronics Co. Ltd.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-13] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2248.9.0_x64__cv1g1gvanyjgm [2022-12-13] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2298117505-976418258-3832342613-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\linco\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2022-12-12] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e3bf6f587f5b65de\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-12-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-28 13:26 - 2022-06-28 13:26 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2022-11-16 16:58 - 2022-11-10 07:19 - 134859776 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2022-11-16 16:58 - 2022-11-07 11:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-11-16 16:58 - 2022-11-07 11:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-12-20 10:36 - 2022-12-21 09:52 - 018967040 _____ () [File not signed] C:\Program Files\NordVPN\7.3.9.0\telio.dll
2022-11-11 18:08 - 2022-11-11 18:08 - 001593344 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2022-11-11 18:08 - 2022-11-11 18:08 - 002159616 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2022-11-16 16:58 - 2022-11-07 11:17 - 000992256 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\5250150778976863471.pdf:shield [403]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers(1).pdf:shield [200]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers.pdf:shield [197]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\KAEKmiQg6B.pdf:shield [135]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Lønseddel - 01-03-2022 31-03-2022 TIER Mobility Denmark A.PDF:shield [153]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\rapport(2).pdf:shield [126]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359(1).pdf:shield [976]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359.pdf:shield [991]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\toyota_auris_1_8_hybrid_life.pdf:shield [182]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2022-07-29 20:58 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-02-08 20:53 - 2022-07-30 09:34 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 103.86.96.100 - 103.86.99.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PDF24"
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BD32919E-726D-4E21-A078-65E16B9A9101}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{43AE6A5F-63EE-4DA3-9439-784A4DB05534}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{5CB887D8-7A95-4578-8AFC-5E9DFF87EB48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9ECF2400-2897-46C8-9E42-7D418C093246}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{101C8101-91A5-4D9D-8282-F9E0898EB8D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BFC35833-B5B6-4F91-9320-070BB4BF0C42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BB3BDD92-C402-43AE-9691-3CC6192EB39D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A7500D77-F651-44DC-AB54-894899AF73F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BC7C3394-A3A0-4A32-9A25-0BB3CD42AC81}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{361C8061-5D7A-42BE-AD9C-850EEC74FC06}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BA592D17-9141-4AE9-89DB-3C34FD3E85CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AFF2A124-8EF8-4189-AA56-5BB42E980100}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{819EDD0F-0C23-4D3E-A142-FA45915FD01F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{B405641C-3A86-4AE0-9C3A-4420652905B3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{26868414-D70F-44E1-A26E-06268B8F929A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A5A8CCD-F845-40CC-9029-A2DD1D35FCF5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{654123EA-8EC6-49C1-A280-BCDF7B07CC11}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1B25746B-674E-4162-AEB1-C6BD73466D50}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{629C4CA0-AA46-45A2-8AD8-83015B5733E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{32223630-447E-470A-B8BB-59697864F695}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38A12891-50EA-4659-9195-75443593DC99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{79B0D1E8-2F43-4F10-912F-95A8F1D67967}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6C1E1804-FF33-4500-ACE1-20185BC4342B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EE2ACEFE-AF1F-442E-B36E-B56975EA8A56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BADFABD1-475F-414C-98D5-6F43294194ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{938213ED-28C9-4D63-9FC3-93D39EEB4246}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3699DE5D-1A3A-4C0D-927B-3BE630A82C4B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A230E057-E55F-4024-A4A2-32507359D414}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0A7D7996-646F-4CE5-B13A-47EDD6084C65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{271886E6-F055-44CC-B6D4-D1BE6A4DC556}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B20FE557-FE95-406E-A170-19385F765467}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{62307108-F923-4800-A7F4-A425487F1703}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{BDC5F3F3-D91F-4E92-B2B0-D06B0BF51093}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{0CB55043-72ED-45CB-96CC-1C6AA74FED13}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{D9FBE4F3-6189-40F1-874C-EB44A823EE56}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4DFF75BC-94A4-4F60-B581-47EA228E4442}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{D21B6828-64D7-4A04-BA33-2985B0649306}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{B412A4D0-5E24-4660-9BA6-624960CFD348}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AA41FFBE-1692-4B94-AE9E-196F8207217D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C6D7EB89-18FB-43ED-8623-C555864B8428}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1C4DE68E-B733-4FB4-9EE8-AAEC18634FE2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{97DB9645-3723-4890-9B2C-0A704A8B847D}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{D531FB7A-81AC-4EC6-9256-0B98AB857862}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{6A3606D0-BA4B-4B7D-94B9-1F2C173566F6}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{4441867D-5C00-45A0-97CF-0C74ABEF5114}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{7DA999E9-5CFF-4FA6-AC1B-DCCEAE56BABD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DE399E5F-399D-4EFF-AD2F-4499E7C96807}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2023 08:12:12 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-J0PJPO6)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.


System errors:
=============
Error: (01/05/2023 11:25:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/05/2023 08:10:59 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/05/2023 08:10:09 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/04/2023 09:18:28 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/04/2023 09:18:16 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/04/2023 08:38:13 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/04/2023 08:07:56 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/04/2023 08:07:45 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0PJPO6)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca


CodeIntegrity:
===============
Date: 2023-01-05 17:16:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-01-05 08:08:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FX502VE.302 04/20/2017
Motherboard: ASUSTeK COMPUTER INC. FX502VE
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 62%
Total physical RAM: 8076.84 MB
Available physical RAM: 3024.05 MB
Total Virtual: 18828.84 MB
Available Virtual: 10856.12 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:117.73 GB) (Free:37.31 GB) (Model: HFS128G39TND-N210A) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Lagerplads) (Fixed) (Total:928.87 GB) (Free:845.67 GB) (Model: Microsoft Storage Space Device) NTFS

\\?\Volume{b6fa713b-5c5f-4537-b4cf-1d505354f1e4}\ () (Fixed) (Total:0.46 GB) (Free:0.03 GB) NTFS
\\?\Volume{b4096786-284d-4920-bdcb-cbc4c3217fd9}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.44 GB) NTFS
\\?\Volume{159527f6-9e86-4f7f-994f-012b74f7f252}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End of Addition.txt =======================

Zdravím"
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: CNMLMAD.DLL (No File)
GroupPolicy-Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C280250-8E93-40F4-A619-6FB02D07C7BE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\5250150778976863471.pdf:shield [403]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers(1).pdf:shield [200]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers.pdf:shield [197]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\KAEKmiQg6B.pdf:shield [135]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Lønseddel - 01-03-2022 31-03-2022 TIER Mobility Denmark A.PDF:shield [153]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\rapport(2).pdf:shield [126]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359(1).pdf:shield [976]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359.pdf:shield [991]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\toyota_auris_1_8_hybrid_life.pdf:shield [182]
SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End

Uložte do C:\Users\linco\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Ďakujem pekne !

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by linco (09-01-2023 00:34:19) Run:10
Running from C:\Users\linco\OneDrive\Počítač
Loaded Profiles: defaultuser0 & linco
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: CNMLMAD.DLL (No File)
GroupPolicy-Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C280250-8E93-40F4-A619-6FB02D07C7BE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\5250150778976863471.pdf:shield [403]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers(1).pdf:shield [200]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers.pdf:shield [197]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\KAEKmiQg6B.pdf:shield [135]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\Lønseddel - 01-03-2022 31-03-2022 TIER Mobility Denmark A.PDF:shield [153]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\rapport(2).pdf:shield [126]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359(1).pdf:shield [976]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359.pdf:shield [991]
AlternateDataStreams: C:\Users\linco\OneDrive\Dokumenty\toyota_auris_1_8_hybrid_life.pdf:shield [182]
SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2298117505-976418258-3832342613-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-2298117505-976418258-3832342613-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
HKLM\System\CurrentControlSet\Control\Print\Monitors\Canon BJ Language Monitor MG5100 series => removed successfully
C:\Program Files\Mozilla Firefox\distribution\policies.json => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C280250-8E93-40F4-A619-6FB02D07C7BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C280250-8E93-40F4-A619-6FB02D07C7BE}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
C:\DumpStack.log.tmp => moved successfully
C:\Users\linco\OneDrive\Dokumenty\5250150778976863471.pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers(1).pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\Dansk konkurrenceevne post OL_langvers.pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\KAEKmiQg6B.pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\Lønseddel - 01-03-2022 31-03-2022 TIER Mobility Denmark A.PDF => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\rapport(2).pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359(1).pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\SPP_14541894024636_8439145359.pdf => ":shield" ADS removed successfully
C:\Users\linco\OneDrive\Dokumenty\toyota_auris_1_8_hybrid_life.pdf => ":shield" ADS removed successfully
"HKU\S-1-5-21-2298117505-976418258-3832342613-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12716901 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 327836372 B
Windows/system/drivers => 533704 B
Edge => 0 B
Firefox => 295047710 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4672 B
NetworkService => 4672 B
defaultuser0 => 4672 B
linco => 35095068 B

RecycleBin => 56801 B
EmptyTemp: => 640.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:34:36 ====

Smazáno, log by již měl být OK.