Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Comodo zmizelo + záhadně plný disk

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Comodo zmizelo + záhadně plný disk

#1 Příspěvek od krysarr »

1)
Dnes jsem náhodou zjistil, že se nezobrazuje ikonka Comodo v programech spuštěných na pozadí.
Díval jsem se do běžících procesů a tam něco od Comodo je, ale přijde mi, že ne hlavní proces.

Když jdu do adresáře Comodo a zkouším program ručně spustit, nic se nestane.
Když zkouším program znovu instalovat, hlásí to chybu.

2)
Nyní jsem stahoval FRST a chtěl ho uložit na Plochu, ale hlásilo to, že to není povolené.
To je možná i proto, že na disku C je z nějakého neznámého důvodu momentálně jen 100MB volného prostoru - přitom data (včetně skytých souborů) zabírají jen 85 GB ze 120 (koš je prázdný). Čím to může být?

----------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Ran by fbart (administrator) on DESKTOP-1NAN9QR (HP HP ProBook 450 G4) (25-07-2021 17:50:14)
Running from D:\SOFTWARE
Loaded Profiles: fbart
Platform: Windows 10 Home Version 20H2 19042.1052 (X64) Language: Czech (Czech Republic) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Avid\Sibelius\AvidInspector.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe Premiere Pro 2021\CEPHtmlEngine\CEPHtmlEngine.exe <12>
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\RemoteComponents\UPI\ExManCoreLib\AdobeExtensionsService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Premiere Pro 2021\Adobe Premiere Pro.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Premiere Pro 2021\crashpad_handler.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Premiere Pro 2021\dynamiclinkmanager.exe
(Adobe Inc. -> Adobe) C:\Program Files\Adobe\Adobe Premiere Pro 2021\TeamProjectsLocalHub.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(Appwork GmbH -> AppWork GmbH) C:\Users\fbart\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avid Technology, Inc. -> ) C:\Program Files\Avid\Sibelius\Sibelius.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReader.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE <2>
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lingea s.r.o. -> Lingea s.r.o.) C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <25>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir20712_1314629884\old_msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13>
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\77.0.4054.203\opera.exe <62>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\77.0.4054.203\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) [File not signed] C:\Windows\System32\SynaMonApp.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\QtWebEngineProcess.exe
(VideoLAN -> VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-07-23] (Adobe Inc. -> )
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4079824 2021-07-21] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49925280 2021-06-18] (Google LLC -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\fbart\AppData\Local\Microsoft\Teams\Update.exe [2454200 2021-07-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\windows\system32\dopdfmn7.dll [25920 2016-12-29] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\windows\system32\zlhp1020.dll [192512 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\windows\system32\novamn10.dll [18944 2020-04-01] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10935.164\Installer\chrmstp.exe [2021-07-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2019-06-24]
ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2018-10-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea s.r.o. -> Lingea) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01EF1DF2-7ACD-4525-97BC-0E798A487990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {0315D22F-55A8-4872-B593-CBA6743545C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {174C4ECB-B350-474E-8C12-5493CA1995C4} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1A0E7D9A-2E5D-49C7-A1B9-997A203B84D5} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-04-01] (Softland SRL -> )
Task: {1CC38B53-A328-4DB6-AEEB-82D4015A1931} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-23] (Adobe Inc. -> Adobe Inc.)
Task: {27EFAC5A-4238-42B3-99F9-58F60AAF3F4B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {29BC9936-C572-4088-B644-E1FE3EEF31AA} - System32\Tasks\Opera scheduled Autoupdate 1487236436 => C:\Program Files\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software)
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {37307BD8-5962-4A20-833A-414BBCA73D60} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3EA1838F-2E1F-404E-A428-12579D19FB0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Creative Cloud" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\doPDF 10 Telemetry" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\HPCeeScheduleForfbart" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\HPEA3JOBS" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d74cad21d6d63c" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1582720617" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1487236436" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" /ENABLE
Task: {3EF7720D-63F4-48ED-A4EA-A3552C272A1D} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {468B8D09-A923-4767-A43B-646993EA1D39} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {493ED88C-79E7-4817-9B2A-FE032ABEB371} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {52BF5B6B-9A1E-4DD8-8679-986D64AF2F1C} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {533E2509-ED35-4BC0-A69F-EF9D4F62F8C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {580E09F1-33A4-47D0-880B-6DA6D1234A59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {647DADAE-3A2D-415C-A43C-798163641B11} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
Task: {6E63C272-93D0-4442-908D-4D969E42433F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {7936E7DA-8E27-4A5F-A308-0829017C0DB0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4903192 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
Task: {79691C27-A6DE-402D-AD1E-85A1B9DCFE4F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7AFEFC0A-89F4-449A-BFF1-AED1B1683333} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8BD7EB60-96B4-46BB-A7CB-03B01D2E58F6} - System32\Tasks\Opera scheduled assistant Autoupdate 1582720617 => C:\Program Files\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {90D9057E-08E0-4425-A1FA-EDA3A2707D35} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002 => C:\Users\fbart\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {94333FE9-C5A2-412C-B30A-BFC66C47FF8E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {98A0AFCD-BB66-4C41-B5EE-F58EC42B9728} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {9BF8FCA5-10F7-470D-B2A8-275CC647D078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {A7BD6D58-F6CD-4CA7-B62D-9BC47BA713E0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {AEDE62B3-7526-4A61-B456-A7AFDE9E8132} - System32\Tasks\HPCeeScheduleForfbart => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {B4D7CFBE-DA87-4EFB-B3FA-452BB36FB256} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {B71CFCFD-CB4E-4B23-A05C-6232CAF3FAEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {BD0EB86B-ADC0-476E-854A-748D90D679C8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2284880 2021-07-16] (Avast Software s.r.o. -> AVAST Software)
Task: {BD5A8FA8-06EA-446B-A5F8-180A99237DD3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {C0943444-04AE-40F8-9147-632FB768A488} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C5F9CB36-D3C0-40DB-B8DA-A6C46660DEE4} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CC6F76B6-B8E9-403E-BC19-39A576103DE0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [File not signed]
Task: {D9D3A91E-D2FF-4BDF-A822-840E7219A399} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {E483D681-F226-497A-844F-313877BA8D5A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {E5BFA798-558A-4305-98C9-7B9DE9B86B1E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {E7302411-1508-44D7-8596-AC3C28BC26CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2284880 2021-07-16] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.10.10.10 10.100.0.100
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 10.10.10.10 10.100.0.100
Tcpip\..\Interfaces\{8a386b75-748c-4b9a-b485-10037ff1581d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fbart\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-25]
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF DefaultProfile: xs1zf06h.default-1602174025168
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 [2021-07-25]
FF Session Restore: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> hxxps://www.youtube.com; hxxps://aukro.cz
FF Extension: (Facebook Container) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\@contain-facebook.xpi [2021-05-07]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\langpack-de@firefox.mozilla.org.xpi [2021-06-07]
FF Extension: (Photon Colors) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2021-06-07]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2021-03-27]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fbart\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2020-06-01]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2016-12-26]

Opera:
=======
OPR Profile: C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable [2021-07-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-29]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-23] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8249936 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [625432 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [373528 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10935.164\elevation_service.exe [1421288 2021-07-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R4 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R4 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitPDFReaderUpdateService.exe [2357880 2021-05-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 gupdate1d62962e9ffe133; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
S4 gupdatem1d62962ea02435c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\HotKeyServiceUWP.exe [1526696 2020-12-14] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_6743249544e6fa49\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-12-14] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-04-01] (Softland SRL -> Microsoft)
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216928 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [366616 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [182600 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524400 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851192 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327536 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129232 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-23 19:00 - 2021-07-23 19:01 - 000000000 ____D C:\Users\fbart\Documents\Adobe
2021-07-23 19:00 - 2021-07-23 19:00 - 000001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk
2021-07-23 19:00 - 2021-07-23 19:00 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-07-23 18:51 - 2021-07-25 13:26 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-07-23 18:50 - 2021-07-23 18:50 - 000000000 ___RD C:\Users\fbart\Creative Cloud Files
2021-07-23 18:47 - 2021-07-25 13:26 - 000002532 _____ C:\WINDOWS\system32\Tasks\Adobe Creative Cloud
2021-07-23 18:47 - 2021-07-24 22:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-07-23 18:47 - 2021-07-23 18:49 - 000000000 ____D C:\ProgramData\Adobe
2021-07-23 18:47 - 2021-07-23 18:47 - 000001393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-07-23 18:47 - 2021-07-23 18:47 - 000001363 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2021-07-23 18:44 - 2021-07-23 19:00 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-07-23 18:44 - 2021-07-23 19:00 - 000000000 ____D C:\Program Files\Adobe
2021-07-20 15:10 - 2021-07-20 15:10 - 000002421 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-07-20 15:10 - 2021-07-20 15:10 - 000002413 _____ C:\Users\fbart\Desktop\Microsoft Teams.lnk
2021-07-20 15:10 - 2021-07-20 15:10 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Teams
2021-07-20 15:09 - 2021-07-20 15:10 - 000000000 ____D C:\Users\fbart\AppData\Local\SquirrelTemp
2021-07-16 15:14 - 2021-07-16 15:14 - 000002039 _____ C:\Users\fbart\Desktop\ASIO4ALL Web Site.lnk
2021-07-16 15:14 - 2021-07-16 15:14 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-07-16 15:14 - 2021-07-16 15:14 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-07-16 00:30 - 2021-07-16 00:30 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Overloud
2021-07-16 00:29 - 2021-07-16 00:30 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Cakewalk
2021-07-16 00:24 - 2021-07-16 00:24 - 000000000 ____D C:\Users\Public\Documents\Overloud
2021-07-16 00:14 - 2021-07-24 13:47 - 000000000 ____D C:\ProgramData\Cakewalk
2021-07-16 00:14 - 2021-07-24 13:47 - 000000000 ____D C:\Program Files\Cakewalk
2021-07-16 00:07 - 2021-07-21 12:58 - 000000000 ____D C:\Users\fbart\AppData\Roaming\bandlab-assistant
2021-07-16 00:07 - 2021-07-16 00:30 - 000000000 ____D C:\Users\fbart\Documents\BandLab
2021-07-16 00:07 - 2021-07-16 00:07 - 000002494 _____ C:\Users\fbart\Desktop\BandLab Assistant.lnk
2021-07-16 00:07 - 2021-07-16 00:07 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandLab Technologies
2021-07-16 00:07 - 2021-07-16 00:07 - 000000000 ____D C:\Users\fbart\AppData\Local\bandlab-assistant-updater
2021-07-14 23:43 - 2021-07-14 23:43 - 000000000 ____D C:\Program Files\Yamaha
2021-07-11 12:07 - 2021-07-11 12:07 - 000002250 _____ C:\Users\Public\Desktop\Foxit PDF Reader.lnk
2021-07-11 12:07 - 2021-07-11 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2021-07-08 23:00 - 2021-07-08 23:00 - 000000112 ___SH C:\bootTel.dat
2021-06-30 11:08 - 2021-07-25 13:26 - 000003274 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d74cad21d6d63c
2021-06-28 15:16 - 2021-06-28 15:16 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-06-28 15:16 - 2021-06-28 15:15 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-28 14:56 - 2021-05-10 08:52 - 001485616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-28 14:56 - 2021-05-10 08:52 - 001144624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-28 14:56 - 2021-05-10 08:52 - 000673584 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-28 14:56 - 2021-05-10 08:52 - 000668976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-28 14:56 - 2021-05-10 08:52 - 000554288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-28 14:56 - 2021-05-10 08:52 - 000541488 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-28 14:56 - 2021-05-10 08:51 - 002076464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-28 14:56 - 2021-05-10 08:51 - 001569048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-28 14:56 - 2021-05-10 08:51 - 001482008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445296.dll
2021-06-28 14:56 - 2021-05-10 08:51 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-28 14:56 - 2021-05-10 08:51 - 000655152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-28 14:56 - 2021-05-10 08:50 - 006684976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-28 14:56 - 2021-05-10 08:50 - 005910808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-28 14:56 - 2021-05-10 08:50 - 003915032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-28 14:56 - 2021-05-10 08:50 - 002375472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-28 14:56 - 2021-05-10 08:50 - 001721112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445296.dll
2021-06-28 14:56 - 2021-05-10 08:47 - 004725296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-28 14:17 - 2021-06-28 14:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-26 16:26 - 2021-06-26 16:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-26 16:26 - 2021-06-26 16:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-26 16:26 - 2021-06-26 16:26 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-26 16:26 - 2021-06-26 16:26 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-26 16:26 - 2021-06-26 16:26 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-26 16:26 - 2021-06-26 16:26 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-26 16:26 - 2021-06-26 16:26 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-26 16:26 - 2021-06-26 16:26 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-26 16:26 - 2021-06-26 16:26 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-26 16:26 - 2021-06-26 16:26 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-26 16:26 - 2021-06-26 16:26 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-26 16:26 - 2021-06-26 16:26 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-26 16:25 - 2021-06-26 16:25 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-26 16:25 - 2021-06-26 16:25 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-26 16:25 - 2021-06-26 16:25 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-26 16:25 - 2021-06-26 16:25 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-26 16:25 - 2021-06-26 16:25 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-26 16:25 - 2021-06-26 16:25 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-25 17:51 - 2017-12-01 23:30 - 000000000 ____D C:\FRST
2021-07-25 17:46 - 2019-03-17 14:01 - 000000000 ____D C:\Users\fbart\Desktop\FRST-OlderVersion
2021-07-25 17:42 - 2021-05-19 14:55 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-25 17:41 - 2016-12-20 23:45 - 000000000 ____D C:\Program Files\CCleaner
2021-07-25 17:40 - 2021-05-19 14:55 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-25 13:58 - 2021-05-19 14:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-25 13:27 - 2021-05-19 14:55 - 000003578 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582720617
2021-07-25 13:27 - 2021-05-19 14:55 - 000003366 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1487236436
2021-07-25 13:27 - 2021-05-19 14:55 - 000002488 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2021-07-25 13:27 - 2021-05-19 14:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-07-25 13:26 - 2021-05-19 14:55 - 000003468 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-25 13:26 - 2021-05-19 14:55 - 000003406 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-25 13:26 - 2021-05-19 14:55 - 000003244 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-25 13:26 - 2021-05-19 14:55 - 000003182 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-25 13:26 - 2021-05-19 14:55 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002
2021-07-25 13:26 - 2021-05-19 14:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForfbart
2021-07-25 13:26 - 2021-05-19 14:55 - 000002562 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2021-07-25 13:26 - 2021-05-19 14:55 - 000002416 _____ C:\WINDOWS\system32\Tasks\doPDF 10 Telemetry
2021-07-25 13:26 - 2018-11-15 12:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job
2021-07-25 13:26 - 2016-12-26 17:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2021-07-25 11:27 - 2021-05-19 14:55 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-07-25 11:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-25 00:45 - 2020-05-13 22:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-24 23:59 - 2018-05-28 18:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2021-07-24 17:56 - 2017-11-28 11:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2021-07-24 13:39 - 2018-08-14 19:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2021-07-24 11:43 - 2020-07-07 13:27 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-24 11:43 - 2020-07-07 13:27 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-23 19:01 - 2016-12-20 23:34 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Adobe
2021-07-23 19:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-23 19:00 - 2016-12-20 23:36 - 000000000 ____D C:\Users\fbart\AppData\Local\NVIDIA
2021-07-23 18:51 - 2016-12-21 00:40 - 000000000 ____D C:\Users\fbart\AppData\Local\Adobe
2021-07-23 18:50 - 2021-05-19 14:45 - 000000000 ____D C:\Users\fbart
2021-07-23 18:50 - 2019-09-27 12:14 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-07-23 18:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 18:49 - 2018-07-13 14:53 - 000000000 ____D C:\ProgramData\Packages
2021-07-23 18:49 - 2018-03-09 18:09 - 000000000 ____D C:\Users\fbart\AppData\Local\Packages
2021-07-23 18:47 - 2016-04-02 04:17 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-23 13:02 - 2016-12-30 21:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2021-07-21 20:25 - 2018-04-16 17:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-07-21 20:25 - 2018-04-16 17:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-07-20 11:45 - 2020-05-13 22:14 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-20 11:45 - 2020-05-13 22:14 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-18 10:52 - 2019-02-01 22:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-18 10:50 - 2016-12-20 23:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2021-07-16 22:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-15 23:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-14 23:43 - 2016-09-02 10:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-07-14 23:35 - 2018-06-26 22:28 - 000000000 ____D C:\Users\fbart\AppData\Local\Downloaded Installations
2021-07-13 13:39 - 2018-04-16 17:25 - 000000000 ____D C:\Users\fbart\AppData\Local\AVAST Software
2021-07-13 13:14 - 2021-05-19 14:53 - 001797462 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-13 13:14 - 2019-12-07 16:41 - 000756676 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-13 13:14 - 2019-12-07 16:41 - 000167022 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-13 13:09 - 2018-10-12 10:50 - 000000000 ___RD C:\Users\fbart\Google Drive
2021-07-13 13:07 - 2016-12-20 23:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2021-07-13 13:06 - 2021-05-19 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-13 13:06 - 2021-05-19 14:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-13 13:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-13 13:06 - 2017-06-12 19:13 - 000000000 ____D C:\ProgramData\Synaptics
2021-07-13 13:06 - 2017-06-12 19:12 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-13 13:06 - 2017-02-16 11:12 - 000000000 ____D C:\Program Files\Opera
2021-07-13 13:06 - 2016-10-30 00:18 - 000000000 ____D C:\Intel
2021-07-11 12:07 - 2016-12-29 15:45 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Foxit Software
2021-07-11 12:07 - 2016-12-29 15:44 - 000000000 ____D C:\ProgramData\Foxit Software
2021-07-09 19:57 - 2017-06-28 14:38 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2021-07-07 16:15 - 2018-10-12 10:47 - 000002080 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-07-07 16:15 - 2018-10-12 10:47 - 000002078 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-07-07 16:15 - 2018-10-12 10:47 - 000002068 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-07-07 16:15 - 2018-10-12 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-06-28 21:05 - 2016-10-30 00:39 - 000000000 ____D C:\ProgramData\Intel
2021-06-28 15:16 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-28 15:16 - 2019-01-09 13:05 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-28 15:16 - 2018-03-09 11:33 - 000327536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-28 15:15 - 2020-10-24 18:03 - 000182600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-28 15:15 - 2020-04-20 21:08 - 000524400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-28 15:15 - 2019-01-14 15:47 - 000366616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-28 15:15 - 2019-01-09 13:05 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-28 15:15 - 2019-01-09 13:05 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-06-28 15:15 - 2018-10-24 00:01 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-28 15:15 - 2018-03-09 11:33 - 000851192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-28 15:15 - 2018-03-09 11:33 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-28 15:15 - 2018-03-09 11:33 - 000216928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-28 15:15 - 2018-03-09 11:33 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-28 15:15 - 2018-03-09 11:33 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-28 15:13 - 2016-12-20 23:53 - 000000000 ____D C:\ProgramData\AVAST Software
2021-06-28 15:12 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-28 15:12 - 2016-12-20 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-28 15:12 - 2016-12-20 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-06-28 14:56 - 2017-06-12 19:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-06-28 14:17 - 2016-12-20 23:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-28 14:14 - 2021-05-19 14:45 - 000002436 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-28 14:14 - 2016-12-20 23:37 - 000000000 ___RD C:\Users\fbart\OneDrive
2021-06-28 14:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-28 14:04 - 2021-05-19 14:41 - 000559504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-28 14:02 - 2021-05-19 15:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-28 14:02 - 2021-05-19 15:16 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-28 14:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-26 16:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-06-26 16:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-26 16:14 - 2020-11-04 12:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-26 16:13 - 2016-12-22 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-26 15:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-26 15:49 - 2016-12-22 20:42 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2019-06-24 16:45 - 2019-06-24 16:46 - 002535362 _____ () C:\Users\fbart\AppData\Roaming\AvidLink_Install.log
2018-06-26 22:25 - 2018-06-26 22:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2021-07-23 19:06 - 2021-07-23 19:06 - 000000000 _____ () C:\Users\fbart\AppData\Local\oobelibMkey.log
2017-01-09 22:48 - 2021-06-06 10:57 - 000007597 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#2 Příspěvek od krysarr »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by fbart (25-07-2021 17:54:09)
Running from D:\SOFTWARE
Windows 10 Home Version 20H2 19042.1052 (X64) (2021-05-19 12:55:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2002658774-1703651359-3694545506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2002658774-1703651359-3694545506-503 - Limited - Disabled)
fbart (S-1-5-21-2002658774-1703651359-3694545506-1002 - Administrator - Enabled) => C:\Users\fbart
Guest (S-1-5-21-2002658774-1703651359-3694545506-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2002658774-1703651359-3694545506-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_4) (Version: 15.4 - Adobe Inc.)
AIR Xpand!2 (HKLM\...\{69A89482-FEC4-4E34-97F9-46BB287D0953}) (Version: 2018.1.0.1440 - AIR Music Technology)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15_Beta2 - tippach engineering)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 91.1.10935.164 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Avid Cloud Client Services (HKLM\...\{66E7D4F4-F044-428D-A734-59138A626A52}) (Version: 2.4.0.15 - Avid Technology, Inc.)
Avid Effects (HKLM\...\{F53B2C5A-9739-425A-B74C-E8D94DF2EFB5}) (Version: 18.4.0.317 - Avid Technology, Inc.)
Avid Link (HKLM\...\{4865F211-1BDF-42B1-A863-EA828CA43431}) (Version: 19.1.0.315 - Avid Technology, Inc.)
Backup and Sync from Google (HKLM\...\{A0397FA8-34ED-4A41-A8C9-30EE0B89C464}) (Version: 3.56.3802.7766 - Google, Inc.)
BandLab Assistant 8.1.1 (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 8.1.1 - BandLab Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
COMODO Firewall (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.40 - Conexant)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CrystalDiskMark 5.2.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.2.0 - Crystal Dew World)
doPDF (HKLM\...\{FB1982DB-B680-41EE-9B30-43BFFA2D7F33}) (Version: 10.7.124 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{21a6faa3-2645-4c5e-9092-39093ff41d46}) (Version: 10.7.124 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{A1C2AAB8-C06D-4593-9A9B-4B3760C019AF}) (Version: 10.7.124 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{73503AFE-4AEF-4671-930A-5EC755606EB1}) (Version: 10.7.124 - Softland)
doPDF 10 Printer Driver (HKLM\...\{12D66221-EFBC-4BEF-9382-5C7F33889C91}) (Version: 10.7.124 - Softland)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
DoulosSIL 5.000 (HKLM-x32\...\DoulosSIL) (Version: - )
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.0.49893 - Foxit Software Inc.)
Free DOCX To DOC Converter (HKLM-x32\...\{775F4A03-DF72-4122-88F4-2D2549FB05F0}) (Version: 1.0.0 - Media Freeware)
Free Slideshow Maker (3.5.4.0) (HKLM-x32\...\Free Slideshow Maker_is1) (Version: 3.5.4.0 - Amazing Studio)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.)
HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.)
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP)
HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT)
Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft Photo Eraser version 1.2.3.0 (HKLM-x32\...\{7EE52565-A8FC-4DDB-9E97-479EF73F1AA0}_is1) (Version: 1.2.3.0 - Shenzhen Jihosoft CO., LIMITED)
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - Lingea s.r.o.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.55 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Teams) (Version: 1.4.00.16575 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Movavi Slideshow Maker 3 (HKLM-x32\...\Movavi Slideshow Maker 3) (Version: 3.0.0 - Movavi)
Mozilla Firefox 89.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 89.0.2 (x64 en-GB)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 89.0.2.7843 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Ovladače grafiky 452.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.96 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Opera Stable 77.0.4054.203 (HKLM-x32\...\Opera 77.0.4054.203) (Version: 77.0.4054.203 - Opera Software)
PACE License Support Win64 (HKLM\...\{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Asian Fonts Pack (HKLM\...\{E15E5BA3-68C2-4B55-8D38-4DBB3F9B21DD}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Convert Module (HKLM\...\{58B672CE-84B3-4FCD-B2BC-85D6832081AF}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Forms Module (HKLM\...\{BBBB75A5-1B4B-404F-B441-C59E29AC887E}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Insert Module (HKLM\...\{F9417A7E-A44D-4318-B479-56D2533F01F8}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 OCR Module (HKLM\...\{DCD772BD-5EE9-4B00-B976-5EC52C022981}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Review Module (HKLM\...\{64D4BCF9-C439-4CBF-8E35-AF14C867F9A2}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Secure Module (HKLM\...\{357F5B29-55DD-4799-B85A-C4C5F9CF061F}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Sibelius (HKLM\...\{62892434-57A6-44E7-9C58-7C248DE6181D}) (Version: 19.1.0.1145 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{603AEE7A-6967-4CDB-8528-0CAC729A004B}) (Version: 18.6.0 - Avid)
Skype version 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 7.6.74.0 - 2BrightSparks)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A9AE164B-A435-4458-A2BF-178365A73505}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Weeny Free Audio Cutter 1.5 (HKLM-x32\...\Weeny Free Audio Cutter_is1) (Version: - Weeny Software)
Weeny Free PDF Cutter 1.4 (HKLM-x32\...\Weeny Free PDF Cutter_is1) (Version: - Weeny Software)
Weeny Free Video Cutter 1.4 (HKLM-x32\...\Weeny Free Video Cutter_is1) (Version: - Weeny Software)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows Video Editor 2021 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92D9}}_is1) (Version: - VideoWin)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WMPKeys (HKLM-x32\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
Zoom (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-07-23] (Adobe Systems Incorporated)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2020-10-29] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-11-04] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-19] (Microsoft Corporation) [MS Ad]
Movie Maker : Free Video Editor -> C:\Program Files\WindowsApps\39691Videopix.MovieMakerFreeVideoEditor_1.1.81.0_x64__dxz7h1qnd1pge [2021-05-19] (Videopix)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-01] (Microsoft Corporation)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2020-10-29] (TeamViewer)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-89BC068FA487} -> [Creative Cloud Files] => C:\Users\fbart\Creative Cloud Files [2021-07-23 18:50]
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\fbart\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-07-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-07-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-07-23] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-06-18] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-07-23] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-06-18] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-04-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-07-23] (Adobe Inc. -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [305152 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [102400 2000-06-02] (Sipro Lab Telecom Inc.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-11-09 16:30 - 2017-11-09 16:30 - 004942848 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryCog.acf
2017-11-09 16:27 - 2017-11-09 16:27 - 002111488 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryInterfaceCog.acf
2017-11-09 16:21 - 2017-11-09 16:21 - 004502528 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetCog.acf
2017-11-09 16:23 - 2017-11-09 16:23 - 002041856 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetInterfaceCog.acf
2017-11-09 16:28 - 2017-11-09 16:28 - 002012160 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\CompressionCog.acf
2017-11-09 16:27 - 2017-11-09 16:27 - 001701376 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\FileMgrCog.acf
2017-11-09 16:19 - 2017-11-09 16:19 - 004383744 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\NetworkInterfaceCog.acf
2017-11-09 16:24 - 2017-11-09 16:24 - 002758144 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncCog.acf
2017-11-09 16:25 - 2017-11-09 16:25 - 002073088 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncInterfaceCog.acf
2017-04-03 22:16 - 2017-04-03 22:16 - 000098304 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\PXFPlugin.acf
2017-11-09 16:22 - 2017-11-09 16:22 - 001780224 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\TransportCog.acf
2019-06-24 17:17 - 2019-01-21 23:40 - 000002048 _____ () [File not signed] C:\Program Files\Avid\Sibelius\NETAPI32.dll
2019-01-22 11:21 - 2019-01-22 11:21 - 000311808 _____ () [File not signed] C:\Program Files\Avid\Sibelius\portaudio_x64.dll
2019-01-22 11:26 - 2019-01-22 11:26 - 000894976 _____ () [File not signed] C:\Program Files\Avid\Sibelius\taglib.dll
2021-07-24 17:56 - 2021-07-24 17:56 - 005511927 _____ () [File not signed] C:\Users\fbart\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-0EsPGE1ZKaCb\lib7-Zip-JBinding.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000114176 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_ctypes.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000172544 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_elementtree.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 002255872 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_hashlib.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000032256 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_multiprocessing.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000046080 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_psutil_windows.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000047616 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_socket.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 002825216 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_ssl.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000026112 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\_yappi.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000080896 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\bz2.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000015872 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\common.time34.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000007680 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\hashobjs_ext.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000301568 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\PIL._imaging.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000168448 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\pyexpat.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 001084416 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\pysqlite2._sqlite.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000548864 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\pythoncom27.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000137728 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\pywintypes27.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000010752 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\select.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000020992 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\thumbnails_ext.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000689664 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\unicodedata.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000119808 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\usb_ext.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000128512 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32api.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000438784 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32com.shell.shell.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000011776 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32crypt.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000023040 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32event.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000149504 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32file.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000223232 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32gui.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000048128 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32inet.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000029696 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32pdh.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000027648 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32pipe.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000044032 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32process.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000020480 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32profile.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000136192 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32security.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000026624 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\win32ts.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000034304 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\windows.conditional.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000037888 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\windows.connectivity.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000071680 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\windows.device_monitor.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000103936 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\windows.volumes.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000019968 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\windows.winwrap.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 001325056 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._controls_.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 001489408 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._core_.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 001007104 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._gdi_.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000103424 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._html2.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 000916992 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._misc_.pyd
2021-07-13 13:07 - 2021-07-13 13:07 - 001039872 ____N () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wx._windows_.pyd
2021-07-24 17:56 - 2021-07-24 17:56 - 000040448 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\proxy_vole7837378436545146828.dll
2004-05-04 14:27 - 2004-05-04 14:27 - 000024064 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audit.DLL
2004-05-04 14:52 - 2004-05-04 14:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\ezbus.DLL
2004-05-04 14:56 - 2004-05-04 14:56 - 000015872 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\fullverb.DLL
2004-05-04 14:52 - 2004-05-04 14:52 - 000003072 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\MackieC.DLL
2004-05-04 14:56 - 2004-05-04 14:56 - 000003584 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\resample.DLL
2004-05-04 14:52 - 2004-05-04 14:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\us224.DLL
2004-05-04 14:52 - 2004-05-04 14:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\us428.DLL
2004-05-04 14:53 - 2004-05-04 14:53 - 000004096 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\Wavepcm.DLL
2004-05-04 15:01 - 2004-05-04 15:01 - 000072704 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\fullverb.xfm
2004-05-04 15:00 - 2004-05-04 15:00 - 000031744 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\resample.xfm
2004-05-04 14:53 - 2004-05-04 14:53 - 000035328 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Wavepcm.flt
2017-04-03 22:13 - 2017-04-03 22:13 - 000099840 _____ (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\ACFString.avx
2019-01-22 11:27 - 2019-01-22 11:27 - 000854016 _____ (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Sibelius\MP3.dll
2020-12-12 19:25 - 2019-04-22 15:50 - 001370112 _____ (Conexant Systems LLC.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2016-07-19 12:00 - 2016-07-19 12:00 - 000384512 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2016-07-19 11:57 - 2016-07-19 11:57 - 000339968 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2016-07-19 12:01 - 2016-07-19 12:01 - 000454144 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2021-07-23 19:00 - 2021-07-23 19:00 - 000098304 _____ (Diaquest Products LLC) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro 2021\Pro4OMFdll64.dll
2021-07-23 18:59 - 2021-07-23 18:59 - 000890880 _____ (Diaquest Products LLC.) [File not signed] C:\Program Files\Adobe\Adobe Premiere Pro 2021\DQomfToolkit64.dll
2021-07-24 17:56 - 2021-07-24 17:56 - 000254464 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\fbart\AppData\Local\JDownloader v2.0\tmp\jna\jna1823060786158256823.dll
2008-05-18 19:49 - 2008-05-18 19:49 - 000068096 _____ (lazymf and kbept) [File not signed] C:\Program Files (x86)\WMPKeys\wmpkeys.dll
2016-12-26 23:54 - 2014-04-18 04:10 - 001015808 ____N (Lingea s.r.o.) [File not signed] C:\Program Files (x86)\Lingea\Lexicon5\LibSnd.dll
2001-02-10 05:12 - 2001-02-10 05:12 - 000524339 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\office10\riched20.dll
2000-12-19 21:01 - 2000-12-19 21:01 - 000180224 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Office10\ucs20.dll
2001-01-15 19:32 - 2001-01-15 19:32 - 000325120 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Office10\usp10.dll
2001-01-16 06:55 - 2001-01-16 06:55 - 000163840 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll
2001-01-17 14:56 - 2001-01-17 14:56 - 000176128 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\pdm.dll
2001-02-15 07:45 - 2001-02-15 07:45 - 001318912 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
2001-01-22 03:25 - 2001-01-22 03:25 - 000086016 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMWS.DLL
2000-10-30 21:27 - 2000-10-30 21:27 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\Office10\msostyle.dll
2001-01-03 03:57 - 2001-01-03 03:57 - 000110639 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\Office10\saext.dll
2019-01-22 11:23 - 2019-01-22 11:23 - 011366400 _____ (Plogue Art et Technologie, Inc.) [File not signed] C:\Program Files\Avid\Sibelius\PlogueEngine_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 003043328 ____N (Python Software Foundation) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\python27.dll
2016-07-19 11:13 - 2016-07-19 11:13 - 000220160 _____ (RFIDeas) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll
2020-12-12 19:26 - 2020-03-04 17:16 - 001431552 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2020-04-01 12:29 - 2020-04-01 12:29 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2019-01-22 11:14 - 2019-01-22 11:14 - 001809920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Sibelius\LIBEAY32.dll
2019-01-22 11:14 - 2019-01-22 11:14 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Sibelius\ssleay32.dll
2019-01-17 14:07 - 2019-01-17 14:07 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\bearer\qgenericbearer.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000035840 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\iconengines\qsvgicon.dll
2019-01-17 14:07 - 2019-01-17 14:07 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qgif.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000041472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qicns.dll
2019-01-17 14:07 - 2019-01-17 14:07 - 000032768 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qico.dll
2019-01-17 14:07 - 2019-01-17 14:07 - 000278016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qjpeg.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qsvg.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qtga.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000371712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qtiff.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qwbmp.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000505856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\imageformats\qwebp.dll
2019-01-17 14:22 - 2019-01-17 14:22 - 000264192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\mediaservice\dsengine.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 001342976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\platforms\qwindows.dll
2019-01-22 11:31 - 2019-01-22 11:31 - 005659136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Core.dll
2019-01-17 14:04 - 2019-01-17 14:04 - 006042112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Gui.dll
2019-01-17 14:20 - 2019-01-17 14:20 - 000713216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Multimedia.dll
2019-01-17 14:20 - 2019-01-17 14:20 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5MultimediaWidgets.dll
2019-01-17 14:03 - 2019-01-17 14:03 - 001225728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Network.dll
2019-01-17 14:06 - 2019-01-17 14:06 - 000322560 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5OpenGL.dll
2019-01-17 14:06 - 2019-01-17 14:06 - 000320512 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5PrintSupport.dll
2019-01-17 14:11 - 2019-01-17 14:11 - 003432960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Qml.dll
2019-01-17 14:13 - 2019-01-17 14:13 - 003465728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Quick.dll
2019-01-17 14:14 - 2019-01-17 14:14 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5QuickWidgets.dll
2019-01-17 14:25 - 2019-01-17 14:25 - 001226240 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Script.dll
2019-01-17 14:02 - 2019-01-17 14:02 - 000202240 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Sql.dll
2019-01-17 14:08 - 2019-01-17 14:08 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Svg.dll
2019-01-17 14:18 - 2019-01-17 14:18 - 000111616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5WebChannel.dll
2019-01-17 17:40 - 2019-01-17 17:40 - 074359808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5WebEngineCore.dll
2019-01-17 17:45 - 2019-01-17 17:45 - 000226304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5WebEngineWidgets.dll
2019-01-17 14:16 - 2019-01-17 14:16 - 000148992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5WebSockets.dll
2019-01-17 14:06 - 2019-01-17 14:06 - 005569024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Widgets.dll
2019-01-17 14:01 - 2019-01-17 14:01 - 000193024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5Xml.dll
2019-01-17 14:09 - 2019-01-17 14:09 - 002793472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Sibelius\Qt5XmlPatterns.dll
2021-04-21 17:11 - 2021-04-21 17:11 - 000311808 _____ (tippach engineering) [File not signed] C:\Program Files (x86)\ASIO4ALL v2\asio4all64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000202240 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxbase30u_net_vc90_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 002831872 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxbase30u_vc90_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 001654784 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxmsw30u_adv_vc90_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 006542336 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxmsw30u_core_vc90_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000773632 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxmsw30u_html_vc90_x64.dll
2021-07-13 13:07 - 2021-07-13 13:07 - 000137216 ____N (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI59362\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-04 10:32 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Control Panel\Desktop\\Wallpaper -> c:\users\fbart\appdata\roaming\microsoft\windows photo viewer\windows photo viewer wallpaper.jpg
DNS Servers: 10.10.10.10 - 10.100.0.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: CxMonSvc => 2
MSCONFIG\Services: CxUtilSvc => 2
MSCONFIG\Services: FoxitReaderService => 2
MSCONFIG\Services: FoxitReaderUpdateService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate1d62962e9ffe133 => 2
MSCONFIG\Services: gupdatem1d62962ea02435c => 3
MSCONFIG\Services: HPTouchpointAnalyticsService => 2
MSCONFIG\Services: PDF Architect 4 => 3
MSCONFIG\Services: PDF Architect 4 CrashHandler => 3
MSCONFIG\Services: PDF Architect 4 Creator => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "Avid Application Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avid Link.lnk"
HKLM\...\StartupApproved\Run: => "DigidesignMMERefresh"
HKLM\...\StartupApproved\Run32: => "O2CZ"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{69A89086-06AC-46FC-ACB9-3DF31BA1F028}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6BE8D65A-D76B-4DB8-84B4-C411AA18E771}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DB6E35E8-7C7A-4663-8DE4-0AABEC0A5A2D}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{E5D16002-4D79-43FD-B9D3-DC0380C52FE6}D:\software\skype portable 8\skype portable 8.36\skype.exe] => (Allow) D:\software\skype portable 8\skype portable 8.36\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5C9BBFAA-855A-46F8-A69D-79948FA6C8FA}D:\software\skype portable 8\skype portable 8.36\skype.exe] => (Allow) D:\software\skype portable 8\skype portable 8.36\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69363CBA-B7AD-48F2-9E95-D15CC644BF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{741FC9D5-21EF-49B6-A414-9A043727C774}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0274FE66-2F18-48DB-80B7-B41B61B644DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E9268421-CF6B-4134-99FB-0A7D24B26D85}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30287EF4-C3C0-47ED-8E39-C0D546051C7D}] => (Allow) C:\Program Files\Avid\Cloud Client Services\Hub.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{16DF23C8-46AD-414D-8CBD-070E67AF32CA}] => (Allow) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{7FACE430-6E50-44E1-B0F2-C4363AF67676}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe () [File not signed]
FirewallRules: [{7CF9D905-8017-4C04-924E-D574AA388477}] => (Allow) C:\Program Files\Opera\55.0.2994.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{93543409-6CA8-4039-A8FC-797D754BBACD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3F3D06FD-A1CB-4B64-80D3-DD0BEDF5A325}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{AB7A072F-3D79-4945-B6C2-2F1B1110E95E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{C78EF2BD-6B06-4E19-B78D-0AAF2B88E559}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{67CA56C9-8518-4E50-8190-79804AE51376}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{554A601E-836D-4B1D-9056-C7C5BF1CC7E2}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{6B5E9738-6505-48F2-BC67-FB1074EA3180}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{EE23C2E2-7DBF-4524-8702-127828CB43A9}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{18586248-2882-4F5D-B6BA-8CA6B16AA77E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE8FA4E5-C563-4A30-9910-8C4DF2E45B09}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4E516BE0-D77D-40D0-BE7C-6AEF3186F7C1}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{A44ED964-FA70-4155-B08F-B0AE65979054}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AEDE718-557E-48E6-82B8-2FAECC401099}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{58FBD3BB-171D-4252-8AF7-DD2D162F2871}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5402E08D-7E06-499C-9B1D-478A97DC3872}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3165B40D-1467-4483-9DC7-2FD8ADAAE27B}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe
FirewallRules: [{933B3C40-BFE0-4DE4-B71A-E7375E14560C}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{49B3BA3B-90C8-433C-9CBB-A7D5DEABE51C}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{63DCA814-CA2C-49C2-96E2-C0F1D23FF00B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33891010-7BB4-47DF-852C-574A50A3E08D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E123161-7EF3-4897-A032-31B8ED79CE32}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D80F8F17-5251-4464-9D58-A89EB5FAC3E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{645CA910-5A50-435F-9D6F-AB5D6FE3E643}] => (Allow) C:\Program Files\Opera\77.0.4054.172\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{5AAF29CF-64C3-4224-9B1B-CAB61691A125}] => (Allow) C:\Program Files\Opera\77.0.4054.203\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DE3604FC-A563-4610-AAF1-211B62B74CE0}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe => No File
FirewallRules: [{802AFE17-2008-4B12-854A-A68DF05312A0}] => (Allow) C:\Program Files\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe => No File
FirewallRules: [{1222B94A-B8CC-4F08-B174-A1C43E5B283B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{491F9CE4-5282-4DAB-A0AA-D78808A419A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FE86AD1-C4F6-4DFE-A432-A29E9A348433}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B75EE768-50AF-4976-8C61-4BB0B318AC0A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F072CFC2-9FAD-45A3-B5B9-A015584808AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7BD5A36A-8ABA-4A7F-89DC-D56340F0B724}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B5199056-3301-4E15-B9A3-8DBE13E865E9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/25/2021 11:28:39 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/25/2021 11:28:39 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/25/2021 11:28:39 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/24/2021 07:48:25 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/24/2021 07:48:25 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/24/2021 03:46:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Avast Antivirus status to SECURITY_PRODUCT_STATE_ON.

Error: (07/24/2021 01:46:25 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Removed Avid Pro Tools First.; Error = 0x8004231f).

Error: (07/24/2021 01:39:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.2.6.0, time stamp: 0x00000000
Faulting module name: msvcrt.dll, version: 7.0.19041.546, time stamp: 0x7f567a50
Exception code: 0xc0000005
Fault offset: 0x00067eb7
Faulting process ID: 0x7158
Faulting application start time: 0x01d7808077ae36ad
Faulting application path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Faulting module path: C:\WINDOWS\System32\msvcrt.dll
Report ID: ab1a7665-323b-4bb0-a255-a05624607913
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (07/25/2021 01:58:30 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR13.

Error: (07/24/2021 12:04:30 AM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (07/23/2021 10:07:18 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.10.106 with the system
having network hardware address 8C-F1-12-25-11-B3. Network operations on this system may
be disrupted as a result.

Error: (07/22/2021 01:10:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (07/21/2021 10:26:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (07/19/2021 12:38:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (07/18/2021 11:02:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (07/17/2021 11:49:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The COMODO Internet Security Helper Service service terminated unexpectedly. It has done this 3 time(s).


CodeIntegrity:
===============
Date: 2021-07-25 17:58:45
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: HP P85 Ver. 01.23 07/18/2018
Motherboard: HP 8231
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 87%
Total physical RAM: 16279.75 MB
Available physical RAM: 2059.69 MB
Total Virtual: 41103.44 MB
Available Virtual: 3463.18 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:115.8 GB) (Free:0.07 GB) NTFS
Drive d: (ProDisk II) (Fixed) (Total:931.5 GB) (Free:10.76 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
Drive g: (Nový svazek) (Fixed) (Total:465.75 GB) (Free:352.76 GB) NTFS

\\?\Volume{1532cc42-a376-4a1d-ad75-ec2e3685ecd2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.18 GB) NTFS
\\?\Volume{bdf633c2-e540-4d69-87dc-642dd9dc7c05}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: A4776A55)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: CC8B6A18)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#4 Příspěvek od krysarr »

0 nalezených problémů. :)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-26-2021
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1322 octets] - [29/09/2018 20:12:15]
AdwCleaner[C00].txt - [1468 octets] - [29/09/2018 20:12:50]
AdwCleaner[S01].txt - [1435 octets] - [17/03/2019 14:56:12]
AdwCleaner[C01].txt - [1601 octets] - [17/03/2019 14:58:20]
AdwCleaner[S02].txt - [1494 octets] - [17/03/2019 15:08:06]
AdwCleaner_Debug.log - [210134 octets] - [16/11/2019 20:47:42]
AdwCleaner[S03].txt - [6812 octets] - [16/11/2019 20:48:15]
AdwCleaner[S04].txt - [6873 octets] - [16/11/2019 21:12:12]
AdwCleaner[C04].txt - [7606 octets] - [16/11/2019 21:12:50]
AdwCleaner[S05].txt - [2127 octets] - [18/04/2020 17:06:18]
AdwCleaner[C05].txt - [2341 octets] - [18/04/2020 17:07:10]
AdwCleaner[S06].txt - [2080 octets] - [07/06/2020 16:44:06]
AdwCleaner[C06].txt - [2270 octets] - [07/06/2020 16:46:19]
AdwCleaner[S07].txt - [2202 octets] - [06/09/2020 20:44:01]
AdwCleaner[S08].txt - [2263 octets] - [06/09/2020 20:48:37]
AdwCleaner[S09].txt - [2324 octets] - [22/12/2020 18:21:46]
AdwCleaner[C09].txt - [2514 octets] - [22/12/2020 18:24:20]
AdwCleaner[S10].txt - [2446 octets] - [26/07/2021 19:04:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C10].txt ##########

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Comodo zmizelo + záhadně plný disk

#5 Příspěvek od JaRon »

jednorazovo zaskocim:
Total Virtual: 41103.44 MB
Available Virtual: 3463.18 MB
premiestni virtualnu pamat na disk G: - zadaj velkost min/max rovnaku 30000
restart PC
malo by to uvolnit priestor na disku C:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#6 Příspěvek od krysarr »

Děkuji za nápad, ale disk G: byl externí disk, který byl připojen jen dočasně, není ani můj. :)

V příloze posílám náhled, jak vypadá disk C:, třeba Vás něco napadne. :)
Přílohy
TotalCommander.jpg
TotalCommander.jpg (55.95 KiB) Zobrazeno 1269 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Comodo zmizelo + záhadně plný disk

#7 Příspěvek od JaRon »

ak to mas cele na 120GB disku, tak nemozes byt taky velkorysy a dat virtulnej pamati 40GB :shock:
nastav virtualnu pamat rucne na C: s velkostou min/max napr. 18000 - restart a skontroluj miesto na disku
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#8 Příspěvek od krysarr »

Tak to mne tedy vůbec nenapadlo, dík! :-o

Já to místo vyčlenil v době, kdy jsem měl málo RAM (8GB) a při obyčejné kancelářské činnosti (prohlížeč, Word...) byla RAMka pořád přetížená.
Teď mám 16GB, tak už to můžu zase zmenšit.
A hlavně si zkusím zapamatovat, kam tak "záhadně" mizí místo na disku. :D

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Comodo zmizelo + záhadně plný disk

#9 Příspěvek od JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#10 Příspěvek od krysarr »

Teď je to, předpokládám, už v pořádku (pár giga pořád chybí, ale to už se snese :) ).

Děkuji!
Přílohy
TotalCommander2.jpg
TotalCommander2.jpg (81.42 KiB) Zobrazeno 1245 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Comodo zmizelo + záhadně plný disk

#11 Příspěvek od JaRon »

par GB moze byt este v bodoch obnovy, ale to by som uz neriesil :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#12 Příspěvek od krysarr »

Díky! :)

A chápu správně, že žádné viry a nákaza se v logu neobjevily? :)

Ještě dodám, že po restartu se Comodo normálně objevilo, takže i toto je v pořádku. :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#13 Příspěvek od Rudy »

Viry v PC nebyly. Po této stránce je vše v pořádku. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#14 Příspěvek od krysarr »

Jako vždy moc děkuji za pomoc. Jsem za toto fórum velmi vděčný! :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Comodo zmizelo + záhadně plný disk

#15 Příspěvek od Rudy »

I za kolegu: nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno