Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Často zpomalený notebook

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#16 Příspěvek od Diallix »

Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#17 Příspěvek od krysarr »

Operaci jsem provedl, ale log se neobjevil. Resp. ve vedlejším okně (Results) OTM psalo něco ve smyslu, že to bylo úspěšné.
Dá se nějak ověřit, jestli je to hotové?

Děkuji

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#18 Příspěvek od Diallix »

Jasne, mozeme to overit.

Dajte sem nove logy z FRST a ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#19 Příspěvek od krysarr »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-05.2019 01
Ran by fbart (administrator) on DESKTOP-1NAN9QR (HP HP ProBook 450 G4) (06-05-2019 13:04:47)
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Czech (Czech Republic)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Windows\CxSvc\CxAudioSvc.exe
(Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC -> Synaptics Incorporated) C:\Windows\System32\SynaMonApp.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\HPHotkeyNotification.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-12-16] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [500152 2015-12-16] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [O2CZ] => C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [4050632 2009-11-30] (TELEFONICA INVESTIGACION Y DESARROLLO, S.A -> Telefónica I+D) [File not signed]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [AvastBrowserAutoLaunch_A606C3A23F722394777472C3610F9B5A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [305152 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [102400 2000-06-02] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe [2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2018-06-26]
ShortcutTarget: Avid Application Manager.lnk -> C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2018-10-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea s.r.o. -> Lingea) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02DBD5B0-66A7-4D8E-AAFD-86CF2268CE9D} - System32\Tasks\Opera scheduled Autoupdate 1487236436 => C:\Program Files\Opera\launcher.exe [1465432 2019-04-21] (Opera Software AS -> Opera Software)
Task: {0315D22F-55A8-4872-B593-CBA6743545C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {174C4ECB-B350-474E-8C12-5493CA1995C4} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {27EFAC5A-4238-42B3-99F9-58F60AAF3F4B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {2EFE570C-5646-49B0-BE9F-0289BD3C34FB} - System32\Tasks\HPCeeScheduleForfbart => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {37307BD8-5962-4A20-833A-414BBCA73D60} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3EA1838F-2E1F-404E-A428-12579D19FB0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {468B8D09-A923-4767-A43B-646993EA1D39} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {493ED88C-79E7-4817-9B2A-FE032ABEB371} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-15] (HP Inc. -> )
Task: {52BF5B6B-9A1E-4DD8-8679-986D64AF2F1C} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {580E09F1-33A4-47D0-880B-6DA6D1234A59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {647DADAE-3A2D-415C-A43C-798163641B11} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
Task: {64BE8376-7ACA-40BE-BD3E-8983E339DCB8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6E63C272-93D0-4442-908D-4D969E42433F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {7A65C768-3A9D-4C3E-9987-7E6A9360C115} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-23] (Adobe Inc. -> Adobe)
Task: {7AFEFC0A-89F4-449A-BFF1-AED1B1683333} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {8E7956AB-D40A-4D87-929F-5AA741BE2C26} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. -> )
Task: {90C81988-5E72-4517-9E34-A7A2BEECC268} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {94333FE9-C5A2-412C-B30A-BFC66C47FF8E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {98A0AFCD-BB66-4C41-B5EE-F58EC42B9728} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {9BF8FCA5-10F7-470D-B2A8-275CC647D078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9EE90B85-0196-4354-B491-5C8209A98CE6} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\HP\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [29184 2016-07-12] (HP Inc.) [File not signed]
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [219512 2018-12-24] (HP Inc. -> HP Inc.)
Task: {A7BD6D58-F6CD-4CA7-B62D-9BC47BA713E0} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B71CFCFD-CB4E-4B23-A05C-6232CAF3FAEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {BD5A8FA8-06EA-446B-A5F8-180A99237DD3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2783824 2017-09-04] (Conexant Systems LLC -> Conexant)
Task: {C0943444-04AE-40F8-9147-632FB768A488} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C5F9CB36-D3C0-40DB-B8DA-A6C46660DEE4} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CC6F76B6-B8E9-403E-BC19-39A576103DE0} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [178256 2018-02-06] (Conexant Systems LLC -> Synaptics Incorporated)
Task: {D5FC89ED-7624-467D-A8C7-81884247CC38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [1452600 2019-04-14] (Adobe Inc. -> Adobe)
Task: {D9D3A91E-D2FF-4BDF-A822-840E7219A399} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {DB5698B8-F53E-460C-B487-EA5F32D1821E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {DD4BA823-4399-441B-8BE9-A3BBA7DC588A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {E5BFA798-558A-4305-98C9-7B9DE9B86B1E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7191fe23-5f29-4c83-8116-0cf877ca686d}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{8a386b75-748c-4b9a-b485-10037ff1581d}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{ffa86dba-3d82-4856-9162-fbb0cf3ea26b}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

FireFox:
========
FF DefaultProfile: 5idlmvdg.default
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default [2019-05-06]
FF Session Restore: Mozilla\Firefox\Profiles\5idlmvdg.default -> is enabled.
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\sp@avast.com.xpi [2019-04-02] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\wrc@avast.com.xpi [2019-04-29]
FF Extension: (Docs Online Viewer) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-03-03]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-23] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-23] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.) [File not signed]
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\fbart\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-08-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.helpforenglish.cz/","hxxps://www.ox ... e&ie=UTF-8"
CHR DefaultSearchURL: Default -> hxxps://www.helpforenglish.cz/
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2019-05-03]
CHR Extension: (Slides) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-31]
CHR Extension: (YouTube) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Sheets) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Avast Online Security) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-18]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2016-12-26]

Opera:
=======
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [43632 2018-03-13] (Conexant Systems LLC -> Conexant Systems, Inc)
S4 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [149104 2018-01-02] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [29544 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe [674208 2018-10-29] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [File not signed]
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [204888 2017-11-21] (Intel(R) Smart Sound Technology -> Intel)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe [583584 2018-10-29] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263720 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [90976 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\elevation_service.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [51672 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2275280 2018-04-12] (Conexant Systems LLC -> Conexant Systems Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\system32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [49184 2018-10-20] (HP Inc. -> HP Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134280 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_41597edff49ff122\nvlddmkm.sys [15764008 2018-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-06-20] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-05-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-18] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [348672 2018-04-12] (Microsoft Windows -> Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46120 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-03 22:57 - 2019-05-03 22:57 - 000000000 ____D C:\_OTM
2019-05-02 08:46 - 2019-05-02 08:46 - 000522240 _____ (OldTimer Tools) C:\Users\fbart\Desktop\OTM.exe
2019-04-25 08:34 - 2019-04-25 08:34 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-23 09:57 - 2019-05-03 18:56 - 000003710 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-18 09:31 - 2019-04-18 09:31 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-04-18 09:31 - 2019-04-18 09:31 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-04-12 19:49 - 2019-05-03 22:56 - 000607170 _____ C:\WINDOWS\ntbtlog.txt
2019-04-12 19:49 - 2019-05-03 22:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-04-12 17:57 - 2019-04-25 08:34 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-10 14:59 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 14:59 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 14:59 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 14:59 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 14:59 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 14:58 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 14:58 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 14:58 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 14:58 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 14:58 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 14:58 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 14:58 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 14:58 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 14:58 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 14:58 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 14:58 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 14:58 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 14:58 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 14:58 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 14:58 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 14:58 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 14:58 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 14:58 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 14:58 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 14:58 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 14:58 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 14:58 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 14:58 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 14:58 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 14:58 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 14:58 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 14:58 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 14:58 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 14:58 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 14:58 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 14:58 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 14:58 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 14:58 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 14:58 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 14:58 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 14:58 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 14:58 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 14:58 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 14:58 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 14:58 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 14:58 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 14:58 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 14:58 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 14:58 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 14:58 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 14:58 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 14:58 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 14:58 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 14:58 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 14:58 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 14:58 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 14:58 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 14:58 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 14:58 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 14:58 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 14:58 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 14:58 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 14:58 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 14:58 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 14:58 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 14:58 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 14:58 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 14:58 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 14:58 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 14:58 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 14:58 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 14:58 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 14:58 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 14:58 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 14:58 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 14:58 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 14:58 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 14:58 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 14:58 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 14:58 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 14:58 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 14:58 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 14:58 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 14:58 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 14:58 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 14:58 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 14:58 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 14:58 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 14:58 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 14:58 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 14:58 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 14:58 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 14:58 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 14:58 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 14:58 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 14:58 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 14:58 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 14:58 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 14:58 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 14:58 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 14:58 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 14:58 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 14:58 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 14:58 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 14:58 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 14:58 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 14:58 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 14:58 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 14:58 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 14:58 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 14:58 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 14:58 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 14:58 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 14:58 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 14:58 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 14:58 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 14:58 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 14:58 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 14:58 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 14:58 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 14:58 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 14:58 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 14:58 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 14:58 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 14:58 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 14:58 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 14:58 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 14:58 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 14:58 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 14:58 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 14:58 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 14:58 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 14:58 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 14:58 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 14:58 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 14:58 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 14:58 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 14:58 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 14:58 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 14:58 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 14:58 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 14:58 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 14:58 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 14:58 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 14:58 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 14:58 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 14:58 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 14:58 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 14:58 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 14:58 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 14:58 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 14:58 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 14:58 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 14:58 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 14:58 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 14:58 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 14:58 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 14:58 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 14:58 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 14:58 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 14:58 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 14:58 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 14:58 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 14:58 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 14:58 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 14:58 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 14:58 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 14:58 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 14:58 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 14:58 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 14:58 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 14:58 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 14:58 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 14:58 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 14:58 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 14:58 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 14:58 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 14:58 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-08 15:36 - 2019-04-08 15:37 - 000000000 ____D C:\Users\fbart\AppData\Local\Intel

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 13:06 - 2018-10-22 17:46 - 000047045 _____ C:\Users\fbart\Desktop\FRST.txt
2019-05-06 13:04 - 2019-03-17 14:01 - 000000000 ____D C:\Users\fbart\Desktop\FRST-OlderVersion
2019-05-06 13:04 - 2018-10-22 17:48 - 002430464 _____ (Farbar) C:\Users\fbart\Desktop\FRST64.exe
2019-05-06 13:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-06 13:04 - 2017-12-01 23:30 - 000000000 ____D C:\FRST
2019-05-06 13:04 - 2016-12-30 21:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2019-05-06 13:04 - 2016-12-20 23:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2019-05-06 13:03 - 2018-05-28 18:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-03 23:05 - 2018-05-28 18:06 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-03 23:05 - 2018-04-12 17:50 - 000784238 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-03 23:05 - 2018-04-12 17:50 - 000181610 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-03 23:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-03 22:59 - 2018-10-12 10:50 - 000000000 ___RD C:\Users\fbart\Google Drive
2019-05-03 22:59 - 2018-08-14 19:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2019-05-03 22:58 - 2018-11-15 12:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job
2019-05-03 22:58 - 2018-05-28 18:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-03 22:58 - 2017-06-12 19:12 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-03 22:58 - 2016-12-20 23:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2019-05-03 22:57 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-03 22:57 - 2017-06-12 19:13 - 000000000 ____D C:\ProgramData\Synaptics
2019-05-03 22:36 - 2016-12-26 17:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2019-05-03 18:56 - 2018-11-15 12:53 - 000002802 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForfbart
2019-05-03 18:56 - 2018-09-06 16:28 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-03 18:56 - 2018-05-28 18:14 - 000003584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-03 18:56 - 2018-05-28 18:14 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487236436
2019-05-03 18:56 - 2018-05-28 18:14 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPGenoobeReminder
2019-05-03 18:56 - 2018-05-28 18:14 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002
2019-05-03 18:56 - 2018-05-28 18:14 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2019-05-03 18:56 - 2018-05-28 18:14 - 000002428 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2019-05-03 18:56 - 2018-05-28 18:14 - 000002252 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
2019-05-03 18:56 - 2018-05-28 18:14 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-03 18:56 - 2018-05-28 18:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-05-03 18:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-03 18:15 - 2016-12-27 23:07 - 000302624 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2019-05-03 11:43 - 2016-12-21 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2019-05-03 11:41 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-03 11:36 - 2018-05-28 18:14 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-02 08:38 - 2018-03-09 18:09 - 000000000 ____D C:\Users\fbart\AppData\Local\Packages
2019-05-02 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-30 12:22 - 2016-12-27 23:22 - 000000000 ____D C:\Users\fbart\AppData\Local\ElevatedDiagnostics
2019-04-25 08:34 - 2019-02-13 08:51 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 08:34 - 2019-01-14 15:47 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 08:34 - 2019-01-09 13:05 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 08:34 - 2019-01-09 13:05 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 08:34 - 2019-01-09 13:05 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 08:34 - 2019-01-09 13:05 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-25 08:34 - 2018-10-24 00:01 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-25 08:34 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 08:34 - 2018-03-09 11:33 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 08:34 - 2018-03-09 11:33 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-24 15:09 - 2018-05-28 18:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2019-04-24 08:21 - 2018-10-12 10:47 - 000002040 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-24 08:21 - 2018-10-12 10:47 - 000002038 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-24 08:21 - 2018-10-12 10:47 - 000002028 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-24 08:21 - 2018-10-12 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-23 09:59 - 2016-12-21 00:40 - 000000000 ____D C:\Users\fbart\AppData\Local\Adobe
2019-04-23 09:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-23 09:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-23 08:39 - 2017-06-28 14:38 - 000001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2019-04-23 08:39 - 2017-02-16 11:12 - 000000000 ____D C:\Program Files\Opera
2019-04-21 16:32 - 2017-01-09 22:48 - 000007602 _____ C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
2019-04-21 13:01 - 2018-05-28 18:06 - 000002420 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-21 13:01 - 2016-12-20 23:37 - 000000000 ___RD C:\Users\fbart\OneDrive
2019-04-18 09:31 - 2018-04-16 17:25 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-04-18 09:31 - 2018-04-16 17:25 - 000002430 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-04-14 15:45 - 2018-10-22 19:44 - 000000769 _____ C:\Users\fbart\Desktop\Fixlog.txt
2019-04-12 19:44 - 2016-12-20 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-12 19:44 - 2016-12-20 23:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-12 13:44 - 2016-12-20 23:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 13:42 - 2018-05-28 18:00 - 000474160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-12 13:41 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-12 13:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-12 13:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 15:17 - 2016-09-15 01:07 - 000988504 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2019-04-11 15:17 - 2016-09-15 01:07 - 000746888 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2019-04-11 15:17 - 2016-09-15 01:07 - 000052896 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2019-04-11 15:15 - 2016-09-15 01:05 - 000514752 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2019-04-11 15:13 - 2016-09-15 01:02 - 000373952 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2019-04-11 09:30 - 2016-12-31 23:30 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 09:30 - 2016-12-31 23:30 - 000002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 15:03 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 14:57 - 2016-12-22 20:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 14:53 - 2016-12-22 20:42 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-08 15:33 - 2019-02-14 10:38 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Temp
2019-04-06 12:47 - 2018-10-22 17:51 - 000061371 _____ C:\Users\fbart\Desktop\Addition.txt

==================== Files in the root of some directories =======

2018-06-26 22:25 - 2018-06-26 22:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-01-09 22:48 - 2019-04-21 16:32 - 000007602 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-05.2019 01
Ran by fbart (06-05-2019 13:06:28)
Running from C:\Users\fbart\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-28 16:14:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2002658774-1703651359-3694545506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2002658774-1703651359-3694545506-503 - Limited - Disabled)
fbart (S-1-5-21-2002658774-1703651359-3694545506-1002 - Administrator - Enabled) => C:\Users\fbart
Guest (S-1-5-21-2002658774-1703651359-3694545506-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2002658774-1703651359-3694545506-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AIR Xpand!2 (HKLM\...\{69A89482-FEC4-4E34-97F9-46BB287D0953}) (Version: 2018.1.0.1440 - AIR Music Technology)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 386.07 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1270.86 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Avid Application Manager (HKLM\...\{DB470A08-EBBF-40F8-8950-0355F1E2F256}) (Version: 18.3.0.17995 - Avid Technology, Inc.)
Avid Cloud Client Services (HKLM\...\{66E7D4F4-F044-428D-A734-59138A626A52}) (Version: 2.4.0.15 - Avid Technology, Inc.)
Avid Effects (HKLM\...\{F53B2C5A-9739-425A-B74C-E8D94DF2EFB5}) (Version: 18.4.0.317 - Avid Technology, Inc.)
Avid Pro Tools First (HKLM\...\{71F2FFB9-F4A3-49D4-AFF7-7B3B40CF61B6}) (Version: 18.4.0.317 - Avid Technology, Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
COMODO Firewall (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.196.60 - Conexant)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CrystalDiskMark 5.2.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.2.0 - Crystal Dew World)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.6016 - CyberLink Corp.)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.)
Free DOCX To DOC Converter (HKLM-x32\...\{775F4A03-DF72-4122-88F4-2D2549FB05F0}) (Version: 1.0.0 - Media Freeware)
Free Slideshow Maker (3.5.4.0) (HKLM-x32\...\Free Slideshow Maker_is1) (Version: 3.5.4.0 - Amazing Studio)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.)
HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP)
HP Support Assistant (HKLM-x32\...\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.10.49.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.26 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT)
Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6472 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - Lingea s.r.o.)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Movavi Slideshow Maker 3 (HKLM-x32\...\Movavi Slideshow Maker 3) (Version: 3.0.0 - Movavi)
Mozilla Firefox 66.0.3 (x64 en-GB) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-GB)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Ovladač 3D Vision 386.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 386.07 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 386.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 386.07 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Opera Stable 58.0.3135.132 (HKLM-x32\...\Opera 58.0.3135.132) (Version: 58.0.3135.132 - Opera Software)
Ovládací panel NVIDIA 386.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 386.07 - NVIDIA Corporation) Hidden
PACE License Support Win64 (HKLM\...\{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Asian Fonts Pack (HKLM\...\{E15E5BA3-68C2-4B55-8D38-4DBB3F9B21DD}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Convert Module (HKLM\...\{58B672CE-84B3-4FCD-B2BC-85D6832081AF}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Forms Module (HKLM\...\{BBBB75A5-1B4B-404F-B441-C59E29AC887E}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Insert Module (HKLM\...\{F9417A7E-A44D-4318-B479-56D2533F01F8}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 OCR Module (HKLM\...\{DCD772BD-5EE9-4B00-B976-5EC52C022981}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Review Module (HKLM\...\{64D4BCF9-C439-4CBF-8E35-AF14C867F9A2}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Secure Module (HKLM\...\{357F5B29-55DD-4799-B85A-C4C5F9CF061F}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Skype version 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.30 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 7.6.74.0 - 2BrightSparks)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A9AE164B-A435-4458-A2BF-178365A73505}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Weeny Free Audio Cutter 1.5 (HKLM-x32\...\Weeny Free Audio Cutter_is1) (Version: - Weeny Software)
Weeny Free PDF Cutter 1.4 (HKLM-x32\...\Weeny Free PDF Cutter_is1) (Version: - Weeny Software)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WMPKeys (HKLM-x32\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)
Zoom (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-18] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-12-18] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxDTCM.dll [2019-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-10-12 10:16 - 2017-12-19 21:05 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2016-07-19 11:57 - 2016-07-19 11:57 - 000339968 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2016-07-19 12:01 - 2016-07-19 12:01 - 000454144 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2018-04-03 18:53 - 2018-04-03 18:53 - 000117760 _____ (Avid Technology, Inc.) [File not signed] c:\program files\avid\pro tools first\mmerefresh.exe
2001-02-23 10:07 - 2001-02-23 10:07 - 000270336 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
2016-07-19 12:00 - 2016-07-19 12:00 - 000384512 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2016-07-19 11:13 - 2016-07-19 11:13 - 000220160 _____ (RFIDeas) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll
2019-04-15 19:55 - 2019-04-15 19:55 - 001610240 _____ (Conexant Systems, Inc) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Flow\fa9d0c5fceb5e7abde54a3e3bcc87e92\Flow.ni.exe
2018-10-09 07:04 - 2017-09-18 13:21 - 001431552 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\python27.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 000113664 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_ctypes.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000080896 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\bz2.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 001792512 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_hashlib.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000128512 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32api.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000137728 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\pywintypes27.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 000548864 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\pythoncom27.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 000689664 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\unicodedata.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000438784 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32com.shell.shell.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 001489408 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._core_.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxbase30u_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxbase30u_net_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxmsw30u_core_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxmsw30u_adv_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 001007104 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._gdi_.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 001039872 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._windows_.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxmsw30u_html_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 001325056 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._controls_.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000916992 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._misc_.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 001084416 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\pysqlite2._sqlite.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000149504 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32file.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000136192 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32security.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000007680 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\hashobjs_ext.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000020992 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\thumbnails_ext.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000118784 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\usb_ext.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000047616 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_socket.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 002224640 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_ssl.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000014848 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\common.time34.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000023040 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32event.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000034304 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\windows.conditional.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000020480 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\windows.winwrap.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000110080 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\windows.volumes.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000223232 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32gui.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000173568 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_elementtree.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000169472 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\pyexpat.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000048128 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32inet.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000103424 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wx._html2.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\wxmsw30u_webview_vc90_x64.dll
2019-05-03 22:58 - 2019-05-03 22:58 - 000046080 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_psutil_windows.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000011776 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32crypt.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000301568 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\PIL._imaging.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000032256 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_multiprocessing.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 005752320 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\cello.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000026112 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\_yappi.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000044032 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32process.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000027648 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32pipe.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000010752 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\select.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000029696 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32pdh.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000038400 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\windows.connectivity.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000073216 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\windows.device_monitor.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000020480 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32profile.pyd
2019-05-03 22:58 - 2019-05-03 22:58 - 000026624 _____ () [File not signed] C:\Users\fbart\AppData\Local\Temp\_MEI108282\win32ts.pyd
2017-04-03 22:16 - 2017-04-03 22:16 - 000098304 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\PXFPlugin.acf
2017-11-09 16:22 - 2017-11-09 16:22 - 001780224 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\TransportCog.acf
2017-04-03 22:13 - 2017-04-03 22:13 - 000099840 _____ (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\ACFString.avx
2017-11-09 16:25 - 2017-11-09 16:25 - 002073088 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncInterfaceCog.acf
2017-11-09 16:24 - 2017-11-09 16:24 - 002758144 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncCog.acf
2017-11-09 16:19 - 2017-11-09 16:19 - 004383744 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\NetworkInterfaceCog.acf
2017-11-09 16:27 - 2017-11-09 16:27 - 001701376 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\FileMgrCog.acf
2017-11-09 16:28 - 2017-11-09 16:28 - 002012160 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\CompressionCog.acf
2017-11-09 16:23 - 2017-11-09 16:23 - 002041856 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetInterfaceCog.acf
2017-11-09 16:21 - 2017-11-09 16:21 - 004502528 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetCog.acf
2017-11-09 16:27 - 2017-11-09 16:27 - 002111488 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryInterfaceCog.acf
2017-11-09 16:30 - 2017-11-09 16:30 - 004942848 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryCog.acf
2016-09-02 10:01 - 2016-06-02 12:43 - 000892928 _____ (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
2017-03-03 10:52 - 2017-03-03 10:53 - 012485120 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6\HPJumpStart.dll
2019-04-15 21:10 - 2019-04-15 21:10 - 000113152 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\c74ec0691e38dfdc10612d36e1687977\HPJumpStartBridge.ni.exe
2019-04-15 19:57 - 2019-04-15 19:57 - 000120320 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\2c8b6f444da0e3150187f6d26999066a\BRIDGECommon.ni.dll
2019-04-15 21:10 - 2019-04-15 21:10 - 000110080 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\765d9da1d04fb1e1e82552bd18ea0db5\BridgeExtension.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-04 10:32 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Control Panel\Desktop\\Wallpaper -> c:\users\fbart\appdata\roaming\microsoft\windows photo viewer\windows photo viewer wallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: CxMonSvc => 2
MSCONFIG\Services: CxUtilSvc => 2
MSCONFIG\Services: FoxitReaderService => 2
MSCONFIG\Services: HPTouchpointAnalyticsService => 2
MSCONFIG\Services: PDF Architect 4 => 3
MSCONFIG\Services: PDF Architect 4 CrashHandler => 3
MSCONFIG\Services: PDF Architect 4 Creator => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "Avid Application Manager.lnk"
HKLM\...\StartupApproved\Run: => "DigidesignMMERefresh"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "O2CZ"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{69363CBA-B7AD-48F2-9E95-D15CC644BF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{741FC9D5-21EF-49B6-A414-9A043727C774}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0274FE66-2F18-48DB-80B7-B41B61B644DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E9268421-CF6B-4134-99FB-0A7D24B26D85}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30287EF4-C3C0-47ED-8E39-C0D546051C7D}] => (Allow) C:\Program Files\Avid\Cloud Client Services\Hub.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{16DF23C8-46AD-414D-8CBD-070E67AF32CA}] => (Allow) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{1F0681D2-902A-42CD-A8FE-DD8F3A31DF50}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe
FirewallRules: [{7FACE430-6E50-44E1-B0F2-C4363AF67676}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{66C4C618-B149-497F-B06F-098070513160}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe (Avid Technology, Inc.) [File not signed]
FirewallRules: [{7CF9D905-8017-4C04-924E-D574AA388477}] => (Allow) C:\Program Files\Opera\55.0.2994.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{93543409-6CA8-4039-A8FC-797D754BBACD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3F3D06FD-A1CB-4B64-80D3-DD0BEDF5A325}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{AB7A072F-3D79-4945-B6C2-2F1B1110E95E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{C78EF2BD-6B06-4E19-B78D-0AAF2B88E559}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{67CA56C9-8518-4E50-8190-79804AE51376}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{554A601E-836D-4B1D-9056-C7C5BF1CC7E2}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{6B5E9738-6505-48F2-BC67-FB1074EA3180}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{EE23C2E2-7DBF-4524-8702-127828CB43A9}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{47F5A09B-2F3B-4238-B4CD-A17E1831F494}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{18586248-2882-4F5D-B6BA-8CA6B16AA77E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE8FA4E5-C563-4A30-9910-8C4DF2E45B09}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4E516BE0-D77D-40D0-BE7C-6AEF3186F7C1}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{A44ED964-FA70-4155-B08F-B0AE65979054}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AEDE718-557E-48E6-82B8-2FAECC401099}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{58FBD3BB-171D-4252-8AF7-DD2D162F2871}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5402E08D-7E06-499C-9B1D-478A97DC3872}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9BC5D6B-C3C1-4578-A702-D035B070794A}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6B9CB373-1298-47E2-81D8-8889912344F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{34524805-A2BB-46A7-8FE1-64A6C7CDCAFF}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{89D5B407-CEB9-40AB-B424-9B791DAF37EE}] => (Allow) C:\Program Files\Opera\58.0.3135.132\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

14-04-2019 15:33:38 Windows Update
14-04-2019 15:34:03 Windows Update
18-04-2019 08:36:02 Windows Update
18-04-2019 08:36:32 Windows Update
23-04-2019 08:38:17 Windows Update
23-04-2019 08:38:43 Windows Update
26-04-2019 11:33:43 Windows Update
26-04-2019 11:34:04 Windows Update
02-05-2019 08:36:43 Windows Update
02-05-2019 08:37:19 Windows Update
03-05-2019 11:41:58 COMODO Firewall Binary update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2019 10:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AvastBrowser.exe, version: 73.0.1270.86, time stamp: 0x5caec9d0
Faulting module name: propsys.dll, version: 7.0.17134.619, time stamp: 0x2bbc57d3
Exception code: 0xc0000409
Fault offset: 0x00061568
Faulting process ID: 0x30f4
Faulting application start time: 0x01d501f320792996
Faulting application path: C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Faulting module path: C:\WINDOWS\system32\propsys.dll
Report ID: a3fa66d9-7349-4d4e-8197-a87fa6bf32bd
Faulting package full name:
Faulting package-relative application ID:

Error: (05/03/2019 10:59:29 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment for WORKGROUP\DESKTOP-1NAN9QR$ via https://IFX-KeyId-9c7df5a91c3d49bbe7378 ... s/Aik/scep failed:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Fri, 03 May 2019 20:55:48 GMT
Pragma: no-cache
Content-Length: 101
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 522f1360-fb26-4663-ab6f-62dbf1ee0b62
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff

Method: POST(7093ms)
Stage: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (05/03/2019 06:17:31 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment for WORKGROUP\DESKTOP-1NAN9QR$ via https://IFX-KeyId-9c7df5a91c3d49bbe7378 ... s/Aik/scep failed:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Cache-Control: no-cache
Date: Fri, 03 May 2019 16:13:49 GMT
Pragma: no-cache
Content-Length: 101
Content-Type: application/json; charset=utf-8
Expires: -1
x-ms-request-id: 7d9c5b12-888f-4ea5-adc0-e05b4cf7f9eb
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff

Method: POST(8093ms)
Stage: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (05/03/2019 06:15:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM CisFileRatingChange" whose target class "CisFileRatingChange" in //./root/cis namespace does not exist. The query will be ignored.

Error: (05/03/2019 06:15:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM CisStatusChange" whose target class "CisStatusChange" in //./root/cis namespace does not exist. The query will be ignored.

Error: (05/03/2019 06:15:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM CisNotification" whose target class "CisNotification" in //./root/cis namespace does not exist. The query will be ignored.

Error: (05/03/2019 06:15:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM FwAlert" whose target class "FwAlert" in //./root/cis namespace does not exist. The query will be ignored.

Error: (05/03/2019 06:15:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM DfAlert" whose target class "DfAlert" in //./root/cis namespace does not exist. The query will be ignored.


System errors:
=============
Error: (05/06/2019 01:07:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1NAN9QR)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-1NAN9QR\fbart SID (S-1-5-21-2002658774-1703651359-3694545506-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.

Error: (05/06/2019 01:07:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-1NAN9QR)
Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Není k dispozici" in order to run the server:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}

Error: (05/06/2019 01:07:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/06/2019 01:04:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1NAN9QR)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-1NAN9QR\fbart SID (S-1-5-21-2002658774-1703651359-3694545506-1002) from address LocalHost (pomocí LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (05/03/2019 11:14:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1NAN9QR)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-1NAN9QR\fbart SID (S-1-5-21-2002658774-1703651359-3694545506-1002) from address LocalHost (pomocí LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (05/03/2019 11:04:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel(R) Corporation - System - 11/28/2017 12:00:00 AM - 9.21.0.3109.

Error: (05/03/2019 11:04:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel(R) Corporation - System - 11/18/2017 12:00:00 AM - 9.21.0.3109.

Error: (05/03/2019 10:58:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1NAN9QR)
Description: The specifické pro aplikaci permission settings do not grant Místní Aktivace permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-1NAN9QR\fbart SID (S-1-5-21-2002658774-1703651359-3694545506-1002) from address LocalHost (pomocí LRPC) running in the application container Není k dispozici SID (Není k dispozici). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-08-19 09:15:01.844
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2A497109-B6D9-4CF1-90F5-5D532C6579B6}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-08-18 18:04:34.150
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {74958731-29F4-46FF-AEF9-ED1F3D796BB2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-08-17 23:13:14.398
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DBBC6F99-2C05-4938-9D08-A6F9762C6890}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2019-05-06 13:06:56.215
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-06 13:04:17.265
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-06 13:04:17.069
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-03 23:58:49.097
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-03 23:58:49.001
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-03 23:21:16.130
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-03 23:04:00.698
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-03 23:01:09.105
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: HP P85 Ver. 01.23 07/18/2018
Motherboard: HP 8231
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8087.75 MB
Available physical RAM: 4626.13 MB
Total Virtual: 18087.75 MB
Available Virtual: 14200.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:115.8 GB) (Free:18.11 GB) NTFS
Drive d: (DATADRIVE0) (Fixed) (Total:931.39 GB) (Free:464.4 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

\\?\Volume{1532cc42-a376-4a1d-ad75-ec2e3685ecd2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.42 GB) NTFS
\\?\Volume{bdf633c2-e540-4d69-87dc-642dd9dc7c05}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB272412)

Partition: GPT.

==================== End of Addition.txt ============================

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#20 Příspěvek od krysarr »

Ještě mne napadla jedna věc, která může souviset s předešlým (jak se tak dívám na konec LOGU, kde je vypsaná kapacita disku): Můj SSD disk ukazuje mnohem vyšší zaplnění, než zabírají reálně data. A to samozřejmě počítám i skryté a systémové soubory. Prostě mi chybí min. nějakých 40 GB. :-o

Díky!

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#21 Příspěvek od Diallix »

nakaza tam stale je.

:arrow: Chodte do nudzoveho reezimu.

:arrow: Vpnite v nom Avast

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:


C:\WINDOWS\system32\Drivers\SET7C3C.tmp
C:\WINDOWS\SysWOW64\indexeddbserver.dll
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\elevation_service.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#22 Příspěvek od krysarr »

Musel jsem akci provést 2x, poprvé se v Nouzovém režimu nedokázala stáhnout aktualizace programu.

AKCE #1

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-05.2019 01
Ran by fbart (10-05-2019 20:10:16) Run:5
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
CloseProcesses
CreateRestorePoint


CWINDOWSsystem32DriversSET7C3C.tmp
CWINDOWSSysWOW64indexeddbserver.dll
FF HKLMSOFTWAREPoliciesMozillaFirefox Restriction ==== ATTENTION
Task CWINDOWSTasksCreateExplorerShellUnelevatedTask.job = CWINDOWSexplorer.exe
Winsock Catalog5-x64 07 CProgram FilesBonjourmdnsNSP.dll = No File
S3 AvastSecureBrowserElevationService; CProgram Files (x86)AVAST SoftwareBrowserApplication73.0.1270.86elevation_service.exe [X]
S2 Bonjour Service; CProgram FilesBonjourmDNSResponder.exe [X]
AlternateDataStreams CWINDOWSsystem32cdpreference.exe$CmdTcID [64]
AlternateDataStreams CWINDOWSSysWOW64indexeddbserver.dll$CmdTcID [64]
AlternateDataStreams CWINDOWSsystem32DriversSET7C3C.tmp$CmdTcID [130]

EmptyTemp
*****************

CloseProcesses => Error: No automatic fix found for this entry.
CreateRestorePoint => Error: No automatic fix found for this entry.
CWINDOWSsystem32DriversSET7C3C.tmp => Error: No automatic fix found for this entry.
CWINDOWSSysWOW64indexeddbserver.dll => Error: No automatic fix found for this entry.
Task CWINDOWSTasksCreateExplorerShellUnelevatedTask.job = CWINDOWSexplorer.exe => Error: No automatic fix found for this entry.
Winsock Catalog5-x64 07 CProgram FilesBonjourmdnsNSP.dll = No File => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\AvastSecureBrowserElevationService => removed successfully
AvastSecureBrowserElevationService => service removed successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => removed successfully
Bonjour Service => service removed successfully
AlternateDataStreams CWINDOWSsystem32cdpreference.exe$CmdTcID [64] => Error: No automatic fix found for this entry.
AlternateDataStreams CWINDOWSSysWOW64indexeddbserver.dll$CmdTcID [64] => Error: No automatic fix found for this entry.
AlternateDataStreams CWINDOWSsystem32DriversSET7C3C.tmp$CmdTcID [130] => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.

==== End of Fixlog 20:10:16 ====




AKCE #2
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05.2019
Ran by fbart (10-05-2019 20:19:28) Run:6
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:


C:\WINDOWS\system32\Drivers\SET7C3C.tmp
C:\WINDOWS\SysWOW64\indexeddbserver.dll
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\elevation_service.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]

EmptyTemp:
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
C:\WINDOWS\system32\Drivers\SET7C3C.tmp => moved successfully
C:\WINDOWS\SysWOW64\indexeddbserver.dll => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000007 => removed successfully
AvastSecureBrowserElevationService => service not found.
Bonjour Service => service not found.
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS removed successfully
"C:\WINDOWS\SysWOW64\indexeddbserver.dll" => ":$CmdTcID" ADS not found.
"C:\WINDOWS\system32\Drivers\SET7C3C.tmp" => ":$CmdTcID" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16926432 B
Java, Flash, Steam htmlcache => 1152 B
Windows/system/drivers => 8522233 B
Edge => 0 B
Chrome => 257678367 B
Firefox => 952824951 B
Opera => 62267896 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5414 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
fbart => 151997613 B

RecycleBin => 84062 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:20:30 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#23 Příspěvek od Diallix »

Ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#24 Příspěvek od krysarr »

V této chvíli je to dobré, děkuji.

Ten log tedy vypadá čistě?

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#25 Příspěvek od Diallix »

Ano, subory zmazalo, ADS tiez. Podla mna ok
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

krysarr
Návštěvník
Návštěvník
Příspěvky: 288
Registrován: 02 bře 2007 12:14
Kontaktovat uživatele:

Re: Často zpomalený notebook

#26 Příspěvek od krysarr »

Děkuji moc! :)

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Často zpomalený notebook

#27 Příspěvek od Diallix »

Nemate zac :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět