Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
danek
Návštěvník
Návštěvník
Příspěvky: 245
Registrován: 29 zář 2014 22:07

Kontrola logu

#1 Příspěvek od danek »

Dobrý den,

prosím o kontrolu logu, zdá se mi, že počítač má nějak vysokou spotřebu energie hlavně při spuštění Mozilla Firefoxu.

Děkuji.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Až log dodáte, zkontroluji ho. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

danek
Návštěvník
Návštěvník
Příspěvky: 245
Registrován: 29 zář 2014 22:07

Re: Kontrola logu

#3 Příspěvek od danek »

Zde je log z FRST a níže i addition.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Ran by Dan (administrator) on JILM (HP HP Pavilion x360 Convertible 14-dh0xxx) (28-04-2021 11:58:35)
Running from C:\Users\danie\Desktop
Loaded Profiles: Dan & Iva & Filip & SAS
Platform: Windows 10 Home Version 2004 19041.928 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CDViewer.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_944ac9a3321ebe76\RstMwService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_667c6615c75bd143\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_29a6dc809538b640\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SentryBay Limited -> Mozilla Corporation) C:\Program Files (x86)\SentryBay\ArmoredClient.exe
(SentryBay Limited -> SentryBay) C:\Program Files (x86)\SentryBay\Armored Client\Armored Client.exe
(SentryBay Limited -> SentryBay) C:\Program Files (x86)\SentryBay\Armored Client\configtray.exe
(SentryBay Limited -> SentryBay) C:\Program Files (x86)\SentryBay\Armored Client\service.exe
(SentryBay Limited -> SentryBay) C:\Program Files (x86)\SentryBay\Armored Client\session.exe
(SentryBay Limited -> SentryBay) C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EzTiltPenSrvc] => C:\Program Files\ELAN\EzTiltPen\EzTiltPenAgent.exe [238280 2019-04-22] (ELAN Microelectronics Corporation -> ELAN) [File not signed]
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2878176 2021-04-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-08-19] (Corel Corporation -> WinZip Computing, S.L.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [466F9362F8D864522CA0247FF83233AA5403792B._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\danie\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [CiscoSpark] => C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1475 2021-03-04] () [File not signed]
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\danie\AppData\Local\WebEx\CiscoWebExStart.exe [2837720 2021-03-27] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {25e3f2bc-6ddd-11ea-819d-c0b5d7e075b8} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {6eefae1f-8c73-11eb-832f-c2b5d7e075b7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iva\AppData\Local\Microsoft\Teams\Update.exe [2452656 2021-02-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1017\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1941368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1386\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe /thfirstsetup
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-03-19]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-10-07]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0159F5C9-FF6F-429F-B544-E5012E2A3E54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {179BB404-F79F-433D-B311-D6764B5957F3} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
Task: {1EE21FA8-BFA2-40E6-BFC7-E94D314D01E8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D42D910-30A3-4952-9E46-6DFD03FB113D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\RtkAudUService64_BG" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\SentryBayUpdateTaskMachineCore" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\SentryBayUpdateTaskMachineUA" /ENABLE
Task: {4474904E-5FA5-4856-B659-4CE37874FBEB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {4B843749-2454-4F39-B076-E7E088F6F9E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {4FC30DB0-5D8D-4FBC-BE3C-64E77E954445} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {61206386-D307-4890-BFD8-60FC33CC5E90} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4665568 2021-04-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 346fde62-9570-4365-96e8-45d6a5ee28e3
Task: {67EFB312-4726-443B-830B-1748E8AE011E} - System32\Tasks\SentryBayUpdateTaskMachineCore => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [149512 2021-02-09] (SentryBay Limited -> SentryBay)
Task: {6DD77523-3DB6-466D-BBD7-066FE545F706} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4731616 2021-03-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 01a4b0e3-0a4b-4911-b95a-7a902180a277
Task: {75A86C2E-68EB-45FE-9BFD-888AF11BEF25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-01] (HP Inc. -> HP Inc.)
Task: {90B9C207-932A-4A4C-B561-5CBAEBAA292E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
Task: {919ECE32-6FEB-40BD-BDED-E37BAACB9776} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9485F796-8ED3-4681-9D0A-7D0FD5BD95B7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {9A1FA14D-EA23-47D5-BC0A-BD54DFF3B6EF} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {9CFC1269-4331-4D56-9A7E-557F474E585B} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-03-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid dff818f1-8add-4d0c-a509-de2121ec3343
Task: {A5BC104A-69E2-479F-B977-D66394565874} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5493472 2021-03-29] (Avast Software s.r.o. -> Avast Software)
Task: {AB5EF077-0DDE-49E4-B683-A6E5B8171C8E} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
Task: {B4DF6EA7-3271-45F2-842A-F171A0D658D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-03-16] (Avast Software s.r.o. -> Avast Software)
Task: {B8F75C33-311C-43D1-8BF7-02174FF2A51A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC9DC3C3-8BDF-4B41-A19F-8EFA0A2171A2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2884984 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2F4CE50-3456-4EB8-A41F-A4AEC7FC6607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
Task: {D39F169A-E483-4675-BC2E-48D49FFEB63B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5764289-0BAE-4D3F-930C-785B69B2999C} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-08-19] (Corel Corporation -> Corel Corporation)
Task: {E43CC5BF-43F8-4DAA-8BF3-BA8F07C83F1B} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {E7062AF5-D0F1-4E96-8BA6-B8BDCDD4FE11} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F57C7304-7620-40A9-A5E8-0535EB2E18BD} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
Task: {FA992740-D279-4EF6-B88C-F479E2A7DCB7} - System32\Tasks\SentryBayUpdateTaskMachineUA => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [149512 2021-02-09] (SentryBay Limited -> SentryBay)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineCore.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe
Task: C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineUA.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{082f372d-431e-48b2-b9bd-127e8bf4a128}: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bc508dde-ec9c-40ee-bc47-8a3b67925bee}: [NameServer] 100.120.128.1
Tcpip\..\Interfaces\{c6c67d0a-14ee-46f0-a5bd-6c2dbc95ae39}: [DhcpNameServer] 172.168.0.5

Edge:
=======
DownloadDir: C:\Users\danie\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-04-28]

FireFox:
========
FF DefaultProfile: gorjaooa.default
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\gorjaooa.default [2020-10-02]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\gorjaooa.default\Extensions\sp@avast.com.xpi [2019-10-02]
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\y61xj8xk.default-release [2021-04-28]
FF Session Restore: Mozilla\Firefox\Profiles\y61xj8xk.default-release -> is enabled.
FF Extension: (Cisco Webex Extension) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\y61xj8xk.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2021-03-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 -> C:\Program Files (x86)\SentryBay\Update\1.0.0.13544\npSentryBayOneClick8.dll [2021-02-09] (SentryBay Limited -> SentryBay)
FF Plugin ProgramFiles/Appdata: C:\Users\danie\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-12-17]
StartMenuInternet: Firefox-CEDE86F0486F9A4E - C:\Program Files (x86)\SentryBay\ArmoredClient.exe

Chrome:
=======
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2021-04-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-02]
CHR Extension: (Dokumenty) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-02]
CHR Extension: (Disk Google) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-22]
CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-02]
CHR Extension: (Tabulky) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-19]
CHR Extension: (Cisco Webex Extension) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-22]
CHR Extension: (Gmail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1281760 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-10] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-12] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5906144 2021-04-10] (Avast Software s.r.o. -> AVAST Software)
S2 epinjectsvc; C:\Program Files (x86)\SentryBay\EntryProtect\inject.exe [498216 2019-07-22] (SentryBay Limited -> SentryBay)
S4 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\FileSyncHelper.exe [2218872 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\AppHelperCap.exe [731152 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\DiagsCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\NetworkCap.exe [728608 2021-03-24] (HP Inc. -> HP Inc.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d9cbd6bbac564232\x64\SysInfoCap.exe [729608 2021-03-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_eb7ea98d07646ece\x64\TouchpointAnalyticsClientService.exe [480280 2021-03-17] (HP Inc. -> HP Inc.)
S4 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\OneDriveUpdaterService.exe [2603368 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
S2 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [149512 2021-02-09] (SentryBay Limited -> SentryBay)
R2 SECUREACCESSSYSTEM; C:\Program Files (x86)\SentryBay\Armored Client\service.exe [5601200 2020-06-16] (SentryBay Limited -> SentryBay)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8059104 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522384 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-09-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-23] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-09-13] (Avast Software s.r.o. -> Avast Software)
R2 entryprotectdrv; C:\Program Files (x86)\SentryBay\EntryProtect\entryprotect.sys [61480 2019-07-22] (SentryBay Limited -> SentryBay)
R1 epinject6; C:\Program Files (x86)\SentryBay\EntryProtect\epinject.sys [154664 2019-07-22] (SentryBay Limited -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-28 11:49 - 2021-04-28 11:59 - 000033488 _____ C:\Users\danie\Desktop\FRST.txt
2021-04-28 11:42 - 2021-04-28 11:42 - 002298368 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2021-04-28 08:43 - 2021-04-28 08:59 - 000000000 ____D C:\Users\SAS\AppData\Local\Citrix
2021-04-28 08:43 - 2021-04-28 08:43 - 000000000 ____D C:\Users\SAS\AppData\Roaming\ICAClient
2021-04-28 08:43 - 2021-04-28 08:43 - 000000000 ____D C:\Users\SAS\AppData\Local\VirtualStore
2021-04-28 08:42 - 2021-04-28 10:29 - 000000000 ____D C:\Users\SAS\AppData\Roaming\SentryBay
2021-04-28 08:42 - 2021-04-28 08:45 - 000000000 ____D C:\Users\SAS\AppData\Local\Mozilla
2021-04-28 08:42 - 2021-04-28 08:42 - 000000000 ____D C:\Users\SAS\AppData\Roaming\Mozilla
2021-04-28 08:42 - 2021-04-28 08:42 - 000000000 ____D C:\Users\SAS\AppData\LocalLow\Intel
2021-04-28 08:42 - 2021-04-28 08:42 - 000000000 ____D C:\Users\SAS\AppData\Local\SentryBay
2021-04-28 08:20 - 2021-04-28 08:20 - 000000020 ___SH C:\Users\SAS\ntuser.ini
2021-04-28 08:20 - 2021-04-28 08:20 - 000000000 _SHDL C:\Users\SAS\Soubory cookie
2021-04-28 08:20 - 2021-04-28 08:20 - 000000000 _SHDL C:\Users\SAS\AppData\Local\Data aplikací
2021-04-28 08:20 - 2021-04-28 08:20 - 000000000 ____D C:\Users\SAS
2021-04-27 22:11 - 2011-10-24 21:00 - 000046135 _____ C:\Users\danie\Desktop\Jonathan.Livingston.Seagull.srt
2021-04-27 22:10 - 2011-10-24 20:45 - 1475090438 _____ C:\Users\danie\Desktop\Jonathan.Livingston.Seagull.avi
2021-04-24 22:49 - 2021-04-24 22:49 - 000540944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-23 17:35 - 2021-04-23 17:35 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-23 17:35 - 2021-04-23 17:35 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-23 16:57 - 2021-04-23 17:00 - 2140938238 _____ C:\Users\danie\Downloads\Pripad Collini cz dabing (2019).mkv
2021-04-23 16:40 - 2021-04-23 16:43 - 2081317814 _____ C:\Users\danie\Downloads\Riders of Justice _ Rytíři spravedlnosti (2020) CZ titul 1920x1080p.mkv
2021-04-22 21:30 - 2021-04-22 21:34 - 3115524043 _____ C:\Users\danie\Downloads\Mission Impossible-Narod grazlu _ Mission Impossible - Rogue Nation ( 2015) USA Akčni Cz dab 1080p HD.mkv
2021-04-21 23:41 - 2021-04-21 23:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-21 22:50 - 2021-04-22 20:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-21 12:01 - 2021-04-28 08:27 - 000721892 _____ C:\WINDOWS\system32\perfh019.dat
2021-04-21 12:01 - 2021-04-28 08:27 - 000143018 _____ C:\WINDOWS\system32\perfc019.dat
2021-04-21 12:01 - 2021-04-21 12:01 - 000340720 _____ C:\WINDOWS\system32\perfi019.dat
2021-04-21 12:01 - 2021-04-21 12:01 - 000041686 _____ C:\WINDOWS\system32\perfd019.dat
2021-04-21 12:01 - 2021-04-21 12:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ru
2021-04-21 12:01 - 2021-04-21 12:01 - 000000000 ____D C:\WINDOWS\system32\ru
2021-04-21 10:38 - 2021-04-21 10:38 - 000043871 _____ C:\Users\danie\Downloads\1231582670227_4_1132_20210407.pdf
2021-04-21 10:38 - 2021-04-21 10:38 - 000040315 _____ C:\Users\danie\Downloads\512153471777_2_5501_20201231.pdf
2021-04-21 10:38 - 2021-04-21 10:38 - 000037196 _____ C:\Users\danie\Downloads\512153471777_4_1142_20210409.pdf
2021-04-21 10:37 - 2021-04-21 10:37 - 000039669 _____ C:\Users\danie\Downloads\1155297550267_4_1132_20210407.pdf
2021-04-21 10:36 - 2021-04-21 10:36 - 000045529 _____ C:\Users\danie\Downloads\1078943630207_4_1132_20210409.pdf
2021-04-17 21:42 - 2021-04-17 21:45 - 1867915873 _____ C:\Users\danie\Downloads\SMRTONOSNA PAST 3 [1995] HD.mkv
2021-04-17 21:37 - 2021-04-17 21:42 - 3301093592 _____ C:\Users\danie\Downloads\Válka policajtu-Krimi-2004-CZ-adriatic.mkv
2021-04-15 19:22 - 2021-04-15 19:22 - 000000000 ____D C:\Users\Iva\AppData\Roaming\Hewlett-Packard
2021-04-15 19:21 - 2021-04-15 19:21 - 000000000 ____D C:\Users\Iva\AppData\Local\Google
2021-04-15 09:44 - 2021-04-15 09:44 - 000906049 _____ C:\Users\danie\Downloads\slben-seznam-dokument-k-va-hypotce.eml
2021-04-15 09:43 - 2021-04-15 09:43 - 000556455 _____ C:\Users\danie\Downloads\Potvrzeni_o_vysi_prijmu.pdf
2021-04-15 09:43 - 2021-04-15 09:43 - 000101741 _____ C:\Users\danie\Downloads\Jak_na_pr evedeni _hypote ky_do_Air_Bank.pdf
2021-04-14 21:48 - 2011-10-24 21:00 - 000046135 _____ C:\Users\danie\Downloads\Jonathan.Livingston.Seagull.srt
2021-04-14 21:48 - 2011-10-24 20:45 - 1475090438 _____ C:\Users\danie\Downloads\Jonathan.Livingston.Seagull.avi
2021-04-14 21:45 - 2021-04-14 21:47 - 1457377966 _____ C:\Users\danie\Downloads\Jonathan Livingston Seagull_CZ_subs.zip
2021-04-14 21:30 - 2021-04-14 21:33 - 1899377515 _____ C:\Users\danie\Downloads\Raya a drak 2021 CZ dabing.mkv
2021-04-14 18:29 - 2021-04-14 18:29 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-14 18:29 - 2021-04-14 18:29 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-14 18:29 - 2021-04-14 18:29 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-13 21:01 - 2021-04-13 21:02 - 734191008 _____ C:\Users\danie\Downloads\Dannyho parťáci 2.avi
2021-04-12 20:43 - 2016-04-13 18:04 - 1635952777 _____ C:\Users\danie\Downloads\Mládí-_-La-Giovinezza-_-Youth-2015,-CZ.mkv
2021-04-12 20:41 - 2021-04-12 20:49 - 3317441236 _____ C:\Users\danie\Downloads\Dannyho partaci 1 - Ocean's Eleven 1 (2001)(720p)(CZ).mkv
2021-04-12 20:34 - 2021-04-12 20:40 - 789476870 _____ C:\Users\danie\Downloads\Pulnocni nebe-2020-CZ-dabing..avi
2021-04-12 13:20 - 2021-04-12 13:25 - 2399803161 _____ C:\Users\danie\Downloads\(1969)_Kamaradi_S01_ TV_serial.mkv
2021-04-12 13:02 - 2021-04-12 13:06 - 1635953014 _____ C:\Users\danie\Downloads\La Giovinezza (Mládí) (2015) CZ dab.rar
2021-04-12 13:01 - 2021-04-12 13:03 - 550277206 _____ C:\Users\danie\Downloads\Ave Caesar (2016) CZ dabing.mp4
2021-04-07 19:23 - 2021-04-07 19:23 - 000058614 _____ C:\Users\danie\Downloads\2021-03-08-3620366108-sluzby_v_mobilni_siti-d-702178282.pdf
2021-04-07 16:08 - 2021-04-07 23:03 - 000223225 _____ C:\Users\danie\Desktop\Currencies 2019-21.xlsx
2021-04-07 09:37 - 2021-04-07 09:38 - 1225124236 _____ C:\Users\danie\Downloads\Nadejna mlada zena-Promising Young Woman-2020-AAC.2.0-720p.H.264-1280x544-cz title vlozene vypinatelne.mkv
2021-04-07 09:33 - 2021-04-07 09:35 - 1085879594 _____ C:\Users\danie\Downloads\Minari (2020) CZ titulky NOVINKA.mkv.https __ulozto.cz_ partner=20075616.mkv
2021-04-06 19:13 - 2021-04-06 19:58 - 000185684 _____ C:\Users\danie\Downloads\Afternoon_Run 1502.gpx
2021-04-06 19:13 - 2021-04-06 19:13 - 000038112 _____ C:\Users\danie\Downloads\Afternoon_Run 1548 druhá půlka.gpx
2021-04-06 19:13 - 2021-04-06 19:13 - 000017027 _____ C:\Users\danie\Downloads\Evening_Run 1616.gpx
2021-04-06 19:13 - 2021-04-06 19:13 - 000009918 _____ C:\Users\danie\Downloads\Evening_Run 1610.gpx
2021-04-06 19:12 - 2021-04-06 19:34 - 000197864 _____ C:\Users\danie\Downloads\Afternoon_Run 1549.gpx
2021-04-05 21:59 - 2021-04-05 22:02 - 2055572613 _____ C:\Users\danie\Downloads\Duše _ Soul.2020.1080p.CZ.titulky.mkv
2021-04-05 21:53 - 2021-04-05 21:58 - 3363803589 _____ C:\Users\danie\Downloads\Ma Rainey – matka blues (USA, 2020, George C. Wolfe) NF.1080p.WEB-DL.AC3.5.1.Atmos.EN.CZ.sub.mkv
2021-04-05 21:50 - 2021-04-05 21:52 - 1347905612 _____ C:\Users\danie\Downloads\Pod jedním stromem _ Undir trénu _ Under the Tree 2017, ICE - EN tit - CZ tit.mkv
2021-04-05 15:33 - 2021-04-28 11:29 - 000000000 ____D C:\Users\danie\AppData\Roaming\vlc
2021-04-05 15:33 - 2021-04-05 15:33 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-04-05 15:33 - 2021-04-05 15:33 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-04-05 15:33 - 2021-04-05 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-04-05 15:33 - 2021-04-05 15:33 - 000000000 ____D C:\Program Files\VideoLAN
2021-04-05 15:32 - 2021-04-05 15:33 - 042585440 _____ C:\Users\danie\Downloads\vlc-3.0.12-win64.exe
2021-04-05 14:41 - 2021-04-05 14:44 - 1220251040 _____ C:\Users\danie\Downloads\Yesterday 2019, CZ.mkv
2021-04-05 14:40 - 2021-01-19 00:56 - 026679112 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 013521736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 001789704 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-04-05 14:40 - 2021-01-19 00:56 - 001789704 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-04-05 14:40 - 2021-01-19 00:56 - 001385752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-04-05 14:40 - 2021-01-19 00:56 - 001385752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-04-05 14:40 - 2021-01-19 00:56 - 001096312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 001096312 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000949368 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000949368 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000507744 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000427872 _____ C:\WINDOWS\system32\ze_loader.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000370528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000306568 _____ C:\WINDOWS\system32\libmfxhw64.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000254480 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000171528 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000148832 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2021-04-05 14:40 - 2021-01-19 00:56 - 000146816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2021-04-05 14:36 - 2021-04-05 14:43 - 2691450040 _____ C:\Users\danie\Desktop\Země nomádů (2020)Cz.Titulky.mkv
2021-04-04 22:39 - 2021-04-04 22:45 - 2249727668 _____ C:\Users\danie\Downloads\Velká nádhera - 2013.avi
2021-04-04 22:38 - 2021-04-04 22:43 - 2556834790 _____ C:\Users\danie\Downloads\Následky lásky (The Consequences of Love, Itálie, 2004, Paolo Sorrentino) TV.rip.720p.AC3.CZ.tit.mkv
2021-04-02 00:43 - 2021-04-02 00:43 - 002552400 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_quoteverify.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 002248216 _____ (Intel Corporation) C:\WINDOWS\system32\qve.signed.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000703064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_quote_ex.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000702040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_epid.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000696920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_launch.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000169544 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_dcap_ql.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000107608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_urts.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000058952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_enclave_common.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000050256 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_platform.dll
2021-04-02 00:43 - 2021-04-02 00:43 - 000039000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\sgx_uae_service.dll
2021-04-02 00:42 - 2021-04-02 00:42 - 000271400 _____ (Intel Corporation) C:\WINDOWS\system32\pce.signed.dll
2021-04-02 00:42 - 2021-04-02 00:42 - 000250936 _____ (Intel Corporation) C:\WINDOWS\system32\qe3.signed.dll
2021-03-31 21:56 - 2021-03-31 21:59 - 1905038799 _____ C:\Users\danie\Downloads\Resident Evil 1. 2002 (M21).mkv
2021-03-31 13:52 - 2021-03-31 13:56 - 2382440914 _____ C:\Users\danie\Downloads\Chlast - Druk 2020 AB 1080p. Cz tit drama novinka novinky.mkv
2021-03-31 11:42 - 2021-03-31 11:42 - 023214656 _____ (HP Inc.) C:\Users\danie\Downloads\sp112150 (1).exe
2021-03-31 11:34 - 2021-03-31 11:35 - 023214656 _____ (HP Inc.) C:\Users\danie\Downloads\sp112150.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-28 11:58 - 2021-02-09 11:05 - 000000000 ____D C:\FRST
2021-04-28 11:53 - 2021-03-23 22:41 - 000038356 _____ C:\Users\danie\Desktop\Addition.txt
2021-04-28 11:33 - 2021-03-22 12:35 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-28 11:33 - 2021-03-22 12:35 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-28 11:33 - 2021-02-09 09:59 - 000003466 _____ C:\WINDOWS\system32\Tasks\SentryBayUpdateTaskMachineUA
2021-04-28 11:33 - 2021-02-09 09:59 - 000003242 _____ C:\WINDOWS\system32\Tasks\SentryBayUpdateTaskMachineCore
2021-04-28 11:33 - 2021-02-09 09:59 - 000000990 _____ C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineUA.job
2021-04-28 11:33 - 2021-02-09 09:59 - 000000986 _____ C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineCore.job
2021-04-28 11:33 - 2020-09-14 13:26 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-28 11:33 - 2020-09-14 13:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-28 11:33 - 2020-09-14 13:26 - 000002374 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2021-04-28 11:33 - 2020-09-14 13:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-28 11:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-28 11:10 - 2020-09-14 13:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-28 10:39 - 2019-09-23 21:28 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2021-04-28 08:43 - 2020-03-09 23:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-28 08:42 - 2020-06-03 07:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-28 08:42 - 2020-03-09 23:31 - 000000000 ____D C:\Users\danie\AppData\LocalLow\Mozilla
2021-04-28 08:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-28 08:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-28 08:27 - 2020-09-14 13:27 - 002569992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-28 08:27 - 2019-12-07 16:41 - 000718922 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-28 08:27 - 2019-12-07 16:41 - 000155082 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-28 08:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-28 08:19 - 2020-09-14 13:26 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-04-28 08:19 - 2020-09-14 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-28 08:19 - 2020-09-14 13:19 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-28 08:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-28 08:19 - 2019-09-30 22:37 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-28 08:19 - 2019-08-09 00:05 - 000000000 ____D C:\Intel
2021-04-27 22:53 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-04-27 08:41 - 2021-03-22 12:35 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-27 08:41 - 2021-03-22 12:35 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-27 08:41 - 2021-03-22 12:35 - 000002213 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-27 08:06 - 2020-09-14 13:26 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-23 17:35 - 2020-10-15 20:02 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000522384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-23 17:35 - 2020-04-03 16:11 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-23 17:35 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-22 20:56 - 2020-03-09 23:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-21 23:41 - 2020-03-09 23:31 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-21 23:41 - 2019-09-23 21:42 - 000000000 ____D C:\Users\danie\AppData\Local\PlaceholderTileLogoFolder
2021-04-21 23:40 - 2020-01-04 16:00 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-04-21 23:32 - 2020-09-14 13:26 - 000002788 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-04-21 13:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-21 13:33 - 2020-07-12 16:18 - 000000000 ____D C:\Users\danie\Desktop\Filip airsoft
2021-04-21 12:58 - 2020-11-13 19:24 - 000000000 ___RD C:\Users\Iva\OneDrive
2021-04-21 12:58 - 2020-01-04 16:00 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-21 12:58 - 2020-01-04 16:00 - 000000000 ___RD C:\Users\defaultuser100000\OneDrive
2021-04-21 12:58 - 2019-09-23 21:42 - 000000000 ___RD C:\Users\danie\OneDrive
2021-04-21 12:01 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-21 12:01 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-04-21 12:01 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-21 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-21 12:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-21 11:55 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR
2021-04-20 16:43 - 2021-02-03 17:30 - 000015269 _____ C:\Users\danie\Desktop\COVID.xlsx
2021-04-20 12:31 - 2019-05-14 01:54 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-19 11:10 - 2019-10-02 19:13 - 000000000 ____D C:\Users\danie\AppData\Local\Google
2021-04-16 09:51 - 2020-12-01 13:44 - 000002371 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-16 09:51 - 2020-12-01 13:44 - 000002363 _____ C:\Users\danie\Desktop\Microsoft Teams.lnk
2021-04-16 00:17 - 2020-11-14 10:38 - 000000000 ____D C:\Users\Iva\AppData\Local\HP_Inc
2021-04-15 23:59 - 2020-12-17 10:08 - 000000000 ____D C:\Users\danie\AppData\LocalLow\WebEx
2021-04-15 23:59 - 2020-12-17 10:08 - 000000000 ____D C:\Users\danie\AppData\Local\WebEx
2021-04-15 19:22 - 2020-11-13 19:24 - 000000000 ____D C:\Users\Iva\AppData\Local\Packages
2021-04-15 19:21 - 2020-11-13 19:25 - 000000000 __SHD C:\Users\Iva\IntelGraphicsProfiles
2021-04-15 14:11 - 2020-11-13 19:24 - 000000000 ____D C:\Users\Iva
2021-04-15 14:11 - 2020-09-14 13:08 - 000000000 ____D C:\Users\Filip
2021-04-15 11:50 - 2020-12-17 10:09 - 000000000 __SHD C:\Users\danie\Documents\cache
2021-04-14 22:53 - 2020-09-14 13:08 - 000000000 ____D C:\Users\danie
2021-04-14 21:36 - 2020-09-14 12:57 - 000000000 ____D C:\WINDOWS\HoloShell
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-14 21:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-14 18:28 - 2020-09-14 13:21 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-14 18:21 - 2019-09-27 00:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-14 18:19 - 2019-09-27 00:43 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 22:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-08 20:37 - 2020-03-20 18:55 - 000000000 ____D C:\Users\danie\AppData\Local\D3DSCache
2021-04-08 20:12 - 2021-01-28 16:28 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-07 13:09 - 2021-02-09 16:40 - 000000000 ____D C:\Users\danie\Desktop\Sken
2021-04-05 19:17 - 2021-03-04 16:02 - 000000000 ____D C:\Users\danie\AppData\Local\CiscoSpark
2021-04-05 15:15 - 2019-08-08 23:59 - 000000000 ____D C:\ProgramData\Intel
2021-04-02 00:43 - 2020-03-05 19:56 - 000128616 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_urts.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000805992 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_quote_ex.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000805472 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_epid.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000800872 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_launch.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000070760 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_enclave_common.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000056416 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_platform.dll
2021-04-02 00:42 - 2020-03-05 19:56 - 000040552 _____ (Intel Corporation) C:\WINDOWS\system32\sgx_uae_service.dll
2021-03-31 22:03 - 2021-03-04 16:02 - 000000000 ____D C:\Users\danie\AppData\Local\CiscoSparkLauncher
2021-03-31 15:10 - 2019-09-23 21:40 - 000000000 ____D C:\Users\danie\AppData\Local\ConnectedDevicesPlatform
2021-03-31 13:17 - 2019-09-23 21:40 - 000000000 __SHD C:\Users\danie\IntelGraphicsProfiles
2021-03-31 11:38 - 2019-09-27 07:01 - 000000000 ____D C:\swsetup

==================== Files in the root of some directories ========

2020-01-03 01:19 - 2020-01-03 01:19 - 000002151 _____ () C:\Program Files\GOM Player.lnk
2021-01-24 13:05 - 2021-01-24 13:05 - 000370070 _____ () C:\Users\danie\AppData\Roaming\logo_empire_desktop.ico
2020-04-30 12:58 - 2020-04-30 12:58 - 000006908 _____ () C:\Users\danie\AppData\Local\recently-used.xbel
2020-04-05 13:22 - 2020-04-22 14:01 - 000000286 _____ () C:\Users\danie\AppData\Local\zenmap.exe.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by Dan (28-04-2021 11:59:47)
Running from C:\Users\danie\Desktop
Windows 10 Home Version 2004 19041.928 (X64) (2020-09-14 11:26:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-93754314-3111490570-4120607304-500 - Administrator - Disabled)
Dan (S-1-5-21-93754314-3111490570-4120607304-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-93754314-3111490570-4120607304-503 - Limited - Disabled)
Filip (S-1-5-21-93754314-3111490570-4120607304-1017 - Limited - Enabled) => C:\Users\Filip
Guest (S-1-5-21-93754314-3111490570-4120607304-501 - Limited - Disabled)
Iva (S-1-5-21-93754314-3111490570-4120607304-1015 - Limited - Enabled) => C:\Users\Iva
SAS (S-1-5-21-93754314-3111490570-4120607304-1386 - Limited - Enabled) => C:\Users\SAS
WDAGUtilityAccount (S-1-5-21-93754314-3111490570-4120607304-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Armored Client (HKLM-x32\...\{12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA}) (Version: 6.3.4.11189 - SentryBay)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 21.1.1299.3898 - Avast Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.10.5430.1950 - Avast Software)
Cisco Webex Meetings (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\ActiveTouchMeetingClient) (Version: 41.3.0 - Cisco Webex LLC)
Citrix Workspace 1912 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 19.12.0.119 - Citrix Systems, Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EzTiltPen (HKLM\...\{359DAC8D-CE33-4729-84E9-22D3367A44A9}_is1) (Version: 1.0.0.25 - ELAN microelectronics Crop.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GPS Track Editor (HKLM-x32\...\GpsTrackEditor) (Version: 1.15 (build 141) - MapSphere)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{3d2240de-3c21-4e14-84b3-1c6cd02bfab4}) (Version: 10.1.17969.8134 - Intel(R) Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.49 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13901.20400 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\f9a89bd2a46a7606) (Version: 17.0.4058.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-93754314-3111490570-4120607304-1015\...\Teams) (Version: 1.4.00.2781 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 cs) (HKLM\...\Mozilla Firefox 88.0 (x64 cs)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20400 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{B955EF60-1259-47BF-9B24-DFC73F71C0EA}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Self-service Plug-in (HKLM-x32\...\{EAD247BC-48BB-42E7-979A-00D984C80898}) (Version: 19.12.0.51 - Citrix Systems, Inc.) Hidden
SentryBay Update Helper (HKLM-x32\...\{BA38CDB0-B61C-4490-9A9C-92241C05FA33}) (Version: 1.0.0.13544 - SentryBay) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Webex (HKLM\...\{95987FB7-2B32-50CB-9BEF-5174ADD8049E}) (Version: 41.3.0.18143 - Cisco Systems, Inc)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412D}) (Version: 25.0.14245 - Corel Corporation)
Základní software zařízení HP Deskjet 3050 J610 series (HKLM\...\{A74FCB98-0C9F-4D35-8F81-79BD5AA6A88F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

Packages:
=========
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.15.226.0_x64__v10z8vjag6ke6 [2021-01-30] (HP Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-27] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.3.176.0_x64__dt26b99r8h8gj [2021-01-28] (Realtek Semiconductor Corp)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-08-09] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6 [2021-01-28] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-01-30] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2021-04-28] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_126.2.222.0_x64__v10z8vjag6ke6 [2021-04-28] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.290.0_x64__v10z8vjag6ke6 [2021-04-15] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2021-01-28] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-02-08] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-04-15] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Microsoft Office Outlook Desktop Integration -> C:\Program Files\WindowsApps\Microsoft.OutlookDesktopIntegrationServices_16009.11426.10000.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation)
Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.5.0_x64__echhpq9pdbte8 [2021-04-13] (Jackie Liu)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-04-28] (INTEL CORP) [Startup Task]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.2.5.0_x64__kx24dqmazqk8j [2021-04-28] (Random Salad Games LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\danie\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_cca4e2e8e38a7600\OptaneShellExt.dll [2020-08-13] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_cca4e2e8e38a7600\OptaneShellExt.dll [2020-08-13] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.052.0314.0001\amd64\FileSyncShell64.dll [2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-08-19] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2020-02-18 00:23 - 2020-02-18 00:23 - 000118784 _____ (Accusoft Corporation.) [File not signed] C:\Program Files (x86)\Citrix\ICA Client\picn20.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-93754314-3111490570-4120607304-1015\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {034AB8C8-A73D-4D8B-AA21-D72EAB185BF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {034AB8C8-A73D-4D8B-AA21-D72EAB185BF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-93754314-3111490570-4120607304-1001 -> {034AB8C8-A73D-4D8B-AA21-D72EAB185BF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2019-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2019-12-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-06] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\sharepoint.com -> hxxps://zsmilicov-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-93754314-3111490570-4120607304-1386\...\sharepoint.com -> hxxps://zsmilicov-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-10-02 12:33 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danie\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pyramidy.jpg
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-93754314-3111490570-4120607304-1017\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-93754314-3111490570-4120607304-1386\Control Panel\Desktop\\Wallpaper -> C:\Users\danie\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pyramidy.jpg
DNS Servers: 192.168.11.254 - 79.98.72.27
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "EzTiltPenSrvc"
HKLM\...\StartupApproved\Run: => "RtlS5Wake"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-93754314-3111490570-4120607304-1015\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-93754314-3111490570-4120607304-1017\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6796E776-83B2-4726-AA38-89B55D0FC281}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9F5876C-D5DE-484F-AA6F-582CDCF5F6ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F8994AD-4273-4D2B-BC29-DDE97070F36C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{1D88F7A8-F47B-4FBC-959F-5A6C6AD6256C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{7252D2A9-C491-4EAB-ACD5-0EFDF11DB803}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{9AD5D310-18E4-45F6-8826-733EA907C78C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{D423ED29-F5C4-4474-ABF4-78008D68481A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09E141F4-FD6B-4F82-9ED4-B13F2A407FAE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61F31EF7-EF25-44A2-BA66-060ACEA894EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCB8CC40-3FD8-4680-8EC4-C737EAF4FF4B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B4D6FEF-3903-42F5-8373-1879DF4A6984}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{54DEE9A0-4063-400A-ACC7-2AF1964076EE}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F09CE7F0-630E-43AD-BCBE-74FF49A7B9E0}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5E33CB96-08CB-48CC-A4DE-20219F82268D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7152F93-307E-422D-8AF7-DB6EE24738F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F2FA9E1-EBE3-4EAB-A801-F265D2AF1282}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D99DB8A4-4F3F-4806-8E78-FC216AABF83F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{65817402-6A7F-489C-A3A2-B645E508E790}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B395872-F7B2-4720-8C40-C7C18DCBF78F}] => (Allow) C:\Program Files (x86)\SentryBay\ArmoredClient.exe (SentryBay Limited -> Mozilla Corporation)
FirewallRules: [{5BDB5B95-AB82-40D6-B7E0-D94AE984B841}] => (Allow) C:\Program Files (x86)\SentryBay\ArmoredClient.exe (SentryBay Limited -> Mozilla Corporation)
FirewallRules: [{9B4191CF-1A74-4E96-B23B-AA0CD6228D01}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-04-2021 11:56:35 Windows Update

==================== Faulty Device Manager Devices ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/28/2021 08:44:10 AM) (Source: ICA Client (Vanadium)) (EventID: 1) (User: )
Description: Event-ID 1

Error: (04/27/2021 01:46:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/27/2021 08:06:57 AM) (Source: SentryBay Update) (EventID: 20) (User: NT AUTHORITY)
Description: Event-ID 20

Error: (04/20/2021 02:27:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Elements (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/18/2021 12:36:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/18/2021 12:36:41 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/17/2021 02:00:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (17360,R,98) SUS20ClientDataStore: Při otevírání souboru protokolu C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb00020.log došlo k chybě -1811 (0xfffff8ed).

Error: (04/17/2021 02:00:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8152,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU003B9.log došlo k chybě -1811 (0xfffff8ed).


System errors:
=============
Error: (04/28/2021 11:33:46 AM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (04/27/2021 05:23:43 PM) (Source: DCOM) (EventID: 10010) (User: JILM)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/27/2021 11:59:24 AM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (04/25/2021 02:30:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel® SGX AESM byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (04/25/2021 02:30:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel® SGX AESM byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (04/24/2021 10:59:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.

Error: (04/21/2021 11:32:03 PM) (Source: DCOM) (EventID: 10010) (User: JILM)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/21/2021 12:10:45 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===============
Date: 2021-04-28 11:34:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-04-28 11:26:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\SentryBay\EntryProtect\epclient64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.07 07/03/2019
Motherboard: HP 85C4
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 85%
Total physical RAM: 8013.43 MB
Available physical RAM: 1148.01 MB
Total Virtual: 10189.43 MB
Available Virtual: 1596.95 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.26 GB) (Free:41.53 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:930.21 GB) NTFS

\\?\Volume{4b7122c4-c8dd-474c-86b0-9c89f4ce261b}\ () (Fixed) (Total:0.94 GB) (Free:0.08 GB) NTFS
\\?\Volume{73ee637a-f6bf-4282-8ec2-3d4bb3c69d1d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0C9B4EB9)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#4 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {25e3f2bc-6ddd-11ea-819d-c0b5d7e075b8} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {6eefae1f-8c73-11eb-832f-c2b5d7e075b7} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {90B9C207-932A-4A4C-B561-5CBAEBAA292E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
Task: {D2F4CE50-3456-4EB8-A41F-A4AEC7FC6607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

danek
Návštěvník
Návštěvník
Příspěvky: 245
Registrován: 29 zář 2014 22:07

Re: Kontrola logu

#5 Příspěvek od danek »

Zdravím a přikládám log fixlist:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by Dan (28-04-2021 19:36:41) Run:3
Running from C:\Users\danie\Desktop
Loaded Profiles: Dan & Iva & Filip & SAS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {25e3f2bc-6ddd-11ea-819d-c0b5d7e075b8} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\MountPoints2: {6eefae1f-8c73-11eb-832f-c2b5d7e075b7} - "E:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {90B9C207-932A-4A4C-B561-5CBAEBAA292E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
Task: {D2F4CE50-3456-4EB8-A41F-A4AEC7FC6607} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-22] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25e3f2bc-6ddd-11ea-819d-c0b5d7e075b8} => removed successfully
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6eefae1f-8c73-11eb-832f-c2b5d7e075b7} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90B9C207-932A-4A4C-B561-5CBAEBAA292E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90B9C207-932A-4A4C-B561-5CBAEBAA292E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2F4CE50-3456-4EB8-A41F-A4AEC7FC6607}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2F4CE50-3456-4EB8-A41F-A4AEC7FC6607}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66338904 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2581675 B
Edge => 0 B
Chrome => 39250706 B
Firefox => 1144562109 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 240214 B
NetworkService => 240214 B
danie => 56803175 B
defaultuser100000 => 56803175 B
Iva => 57098600 B
Filip => 57098600 B
SAS => 101065064 B
SAS.JAVOR => 101065064 B
SAS.JILM => 101065064 B

RecycleBin => 1664550866 B
EmptyTemp: => 3.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:37:08 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#6 Příspěvek od Rudy »

Smazáno. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

danek
Návštěvník
Návštěvník
Příspěvky: 245
Registrován: 29 zář 2014 22:07

Re: Kontrola logu

#7 Příspěvek od danek »

Super, díky !

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#8 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno