Dobrý večer, používám antivir Kaspersky a při pokusu o spuštění chráněného prohlížeče se okno divoce rozbliká. Mám ještě notebook, který je mi líto vyhodit a vlastně v něm jen aktualizuji systém. V notebooku probíhá vše v pohodě bez blikání se okno spustí. Tak si myslím, že jsem byl napaden nějakým virem, nebo malwarem. Prosím o kontrolu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2024
Ran by Petr (administrator) on PETR (29-10-2024 19:01:26)
Running from C:\Users\Petr\Desktop\FRST64 (3).exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 22H2 19045.5011 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksdeui.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\plugins_nms.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Viber Media S.a r.l. -> Viber Media S.Ã r.l.) C:\Users\Petr\AppData\Local\Viber\Viber.exe
(QNAP Systems, Inc. -> QNAP) C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\avp.exe <2>
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_3fdc28965142b351\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_3fdc28965142b351\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Users\Petr\AppData\Local\ViewSonic\RtHubSSContrl.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (QNAP Systems, Inc. -> ) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\UniConverter\WSVCUUpdateHelper.exe (No File)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2014-11-19] (OLYMPUS IMAGING CORP. -> OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [QfinderPro] => C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe [6539600 2024-07-26] (QNAP Systems, Inc. -> QNAP)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Run: [Namedate] => C:\Nezmeskej\nezmeskej.exe [924160 2011-08-11] (Petr Mazánek (www.nezmeskej.cz, info@nezmeskej.cz, +420608702180)) [File not signed]
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2014-11-19] (OLYMPUS IMAGING CORP. -> OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Run: [Viber] => C:\Users\Petr\AppData\Local\Viber\Viber.exe [60204376 2024-10-18] (Viber Media S.a r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-05-30] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Run: [Personify ChromaCam] => "C:\Program Files (x86)\Personify\ChromaCam\Personify ChromaCam.exe" (No File)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP7200 series: C:\WINDOWS\system32\CNMLMBA.DLL [389120 2012-04-16] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-03-28] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [120072 2019-02-22] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.70\Installer\chrmstp.exe [2024-10-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk [2017-06-02]
ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2020-06-27]
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {9174586E-D8EE-45DD-BB0E-495D66843D5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {86B75C0B-2F1F-470C-95EB-2D4DA17EC61A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-05-30] (Garmin International, Inc. -> )
Task: {E0D4E453-441B-47FB-BB87-DCB5805C0182} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {05681E4B-AFF6-4AB7-9236-ACF3FC291BB7} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {30BDA871-0B3A-4602-9B75-EE516FC4E222} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {64799FCE-FB43-482F-99C6-62CD0FC77286} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [1741136 2024-07-26] (QNAP Systems, Inc. -> )
Task: {C7524854-7C7D-4F64-BB5A-68FA6369B6B8} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky\upgrade_launcher.exe [728992 2024-10-26] (AO Kaspersky Lab -> AO Kaspersky Lab)
Task: {434F1AA9-EF28-4EE5-9F77-1D8B9005C3D5} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {119E7BA2-556A-489D-8CFF-C5C3CCC18174} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {E396BF4A-BF40-49B0-8663-6E5A5677A19A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {083A6183-4AEF-40C6-8424-1484BF42890F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {D9335A1C-9788-4545-9A3A-118112B149C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {41EB1A5B-C29A-47AC-B28A-654DD9754588} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {A873AE2A-0850-4001-94B6-09262B30B41D} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {53150660-FF1F-4632-9014-8741F4338704} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1834460780-1804597299-4512973-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672320 2024-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {0838C3D0-581D-4E65-AAA5-0F63D15CD15D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {67E96B4E-A3EE-4541-A6E3-C79A7B9F6931} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [974456 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\nview\/installquiet
Task: {7F17820A-A502-4291-A812-D174513CDF61} - System32\Tasks\Opera scheduled assistant Autoupdate 1656132476 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Petr\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {F63F75C0-AE8E-41C2-BCDA-52142F350432} - System32\Tasks\Vypnutí => C:\WINDOWS\system32\shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> /r
Task: {1CD15590-1D52-4947-BFC8-A640A724AD7D} - System32\Tasks\Zoner.Updater.S-1-5-21-1834460780-1804597299-4512973-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\updater.exe [1617728 2024-10-26] (ZONER a.s. -> ZONER a.s.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1
Tcpip\..\Interfaces\{8fed69d7-919f-40b8-87af-2c9131f793ff}: [DhcpNameServer] 10.10.10.1
Edge:
=======
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-28]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Ochrana Kaspersky) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-20]
Edge Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (EXIF Viewer Pro) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm [2024-06-01]
Edge Extension: (EXIF Viewer Classic) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2024-05-31]
Edge HKU\S-1-5-21-1834460780-1804597299-4512973-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: y2yxbgy3.default-1538284191859
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859 [2024-10-29]
FF user.js: detected! => C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\user.js [2020-04-10]
FF Homepage: Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859 -> hxxps://web.whatsapp.com/|hxxp://www.cagliostro.eu/cagliostro.html|hxxp: ... uzaci.html
FF Notifications: Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859 -> hxxps://messages.google.com; hxxps://duo.google.com; hxxps://www.instagram.com; hxxps://cs.xhamsterlive.com; hxxps://cs.stripchat.com; hxxps://vk.com; hxxps://web.whatsapp.com
FF Extension: (Adblock) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\Extensions\adblock-remastered@addons.mozilla.org.xpi [2019-11-08]
FF Extension: (Exif Viewer) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\Extensions\exif_viewer@mozilla.doslash.org.xpi [2024-04-27]
FF Extension: (Ochrana Kaspersky) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2024-05-23]
FF Extension: (Screenshot) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\Extensions\{905b5cd2-56e0-4eba-9de7-1ab109a2a705}.xpi [2022-11-06]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\y2yxbgy3.default-1538284191859\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2024-10-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2016-07-04] () [File not signed]
FF Plugin: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2016-07-04] () [File not signed]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2016-07-04] () [File not signed]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2016-07-04] () [File not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-01-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-01-20] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2024-10-29]
CHR Notifications: Default -> hxxps://messages.google.com; hxxps://twitter.com
CHR Extension: (Ochrana Kaspersky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-04]
CHR Extension: (EXIF Viewer Pro) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbhfeiddhndihdjeganjggkmjapkffm [2024-06-01]
CHR Extension: (EXIF Viewer Classic) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2024-05-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-20]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-20]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-1834460780-1804597299-4512973-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1834460780-1804597299-4512973-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1834460780-1804597299-4512973-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable [2023-08-28]
OPR Notifications: Opera Stable -> hxxps://animalpornxxx.me; hxxps://cs.xhamsterlive.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (SOFT VIDEOS) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\clccnbkobkannekkaneppadcdejepeki [2022-12-04]
OPR Extension: (Video Downloader Prime) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\diefijfleiebcgdkmaefbjehgcokpdjl [2022-08-24]
OPR Extension: (Rich Hints Agent) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-12]
OPR Extension: (Opera Wallet) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-05]
OPR Extension: (Aria) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.19; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\avp.exe [32008 2024-10-16] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-07-08] (Digital Wave Ltd -> Digital Wave Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-06-26] (Mixbyte Inc -> Freemake)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S3 klvssbridge64_21.19; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\vssbridge64.exe [301472 2024-10-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
S2 kpm_service_23.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.2\kpm_service.exe [521128 2023-10-16] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.18; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe [32008 2024-07-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-09-24] (The Document Foundation -> The Document Foundation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_3fdc28965142b351\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_3fdc28965142b351\NVWMI\nvWmi64.exe [4518536 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RealtekHubService; C:\Users\Petr\AppData\Local\ViewSonic\RtHubSSContrl.exe [80352 2019-11-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.3.2\WsAppService.exe [416768 2016-06-24] (Wondershare) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AU8168; C:\WINDOWS\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek Semiconductor Corp -> Realtek)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [245192 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-07] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 klbackupdisk.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klbackupdisk.sys [93208 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.K4W-21-19; C:\WINDOWS\System32\DRIVERS\K4W-21-19\klbackupflt.sys [248880 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\kldisk.sys [109104 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [55880 2024-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klflt.sys [712240 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.K4W-21-19; C:\WINDOWS\System32\DRIVERS\K4W-21-19\klgse.sys [857400 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klhk.sys [2185568 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.K4W-21-19; C:\ProgramData\Kaspersky Lab\AVP21.19\Bases\klids.sys [236440 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.K4W-21-19; C:\WINDOWS\System32\DRIVERS\K4W-21-19\klif.sys [1480728 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [86064 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klkbdflt.sys [96304 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klmouflt.sys [91192 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.K4W-21-19; C:\WINDOWS\System32\DRIVERS\K4W-21-19\klpd.sys [58904 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klpnpflt.sys [85528 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [92192 2024-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-19_arkmon; C:\WINDOWS\System32\Drivers\klupd_K4W-21-19_arkmon.sys [396040 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-19_klark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-19_klark.sys [362464 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-19_klbg; C:\WINDOWS\System32\Drivers\klupd_K4W-21-19_klbg.sys [198720 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-19_mark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-19_mark.sys [265416 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\klwtp.sys [547368 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.K4W-21-19; C:\WINDOWS\system32\DRIVERS\K4W-21-19\kneps.sys [385072 2024-10-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [80264 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 qcusbnet; C:\WINDOWS\System32\drivers\innosusbnet.sys [510976 2012-10-26] (QUALCOMM Incorporated) [File not signed]
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\innosusbser.sys [369792 2012-10-26] (QUALCOMM Incorporated) [File not signed]
R3 RtsUpx; C:\WINDOWS\system32\drivers\RtsUpx.sys [18136 2021-08-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 Spyder3; C:\WINDOWS\System32\drivers\Spyder3.sys [15360 2010-03-30] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-22] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; D:\temp\tmp892D.tmp [14544 2021-08-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-29 19:01 - 2024-10-29 19:02 - 000034126 _____ C:\Users\Petr\Desktop\FRST.txt
2024-10-29 19:00 - 2024-10-29 18:59 - 002397696 _____ (Farbar) C:\Users\Petr\Desktop\FRST64 (3).exe
2024-10-28 17:35 - 2024-10-28 17:35 - 109009250 _____ C:\Users\Petr\Desktop\SupportTraces-Kaspersky Standard-21.19.7.527-2024-10-28-17-35-8.zip
2024-10-28 17:03 - 2024-10-29 15:51 - 000222512 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-wal
2024-10-28 17:03 - 2024-10-29 15:51 - 000032768 _____ C:\WINDOWS\SysWOW64\DnsStorage-shm
2024-10-28 17:03 - 2024-10-29 15:51 - 000032768 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-shm
2024-10-28 17:03 - 2024-10-28 17:03 - 000000000 _____ C:\WINDOWS\SysWOW64\DnsStorage-wal
2024-10-26 08:02 - 2024-10-28 17:03 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2024-10-26 08:02 - 2024-10-26 08:02 - 000012288 _____ C:\WINDOWS\SysWOW64\DnsStorage
2024-10-26 08:02 - 2024-10-26 08:02 - 000003384 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2024-10-26 08:00 - 2024-10-26 08:02 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk
2024-10-26 08:00 - 2024-10-26 08:02 - 000002274 _____ C:\Users\Public\Desktop\Kaspersky.lnk
2024-10-26 07:58 - 2024-10-26 07:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\K4W-21-19
2024-10-24 13:36 - 2024-10-24 13:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-10-16 06:51 - 2024-10-16 06:51 - 000001071 _____ C:\Users\Petr\Desktop\Telegram.lnk
2024-10-09 09:49 - 2024-10-09 09:49 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-09 09:49 - 2024-10-09 09:49 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-10-09 06:46 - 2024-10-09 06:46 - 000000000 ___HD C:\$WinREAgent
2024-10-01 07:02 - 2024-10-01 07:02 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 24.8.lnk
2024-10-01 07:02 - 2024-10-01 07:02 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-29 19:02 - 2019-03-23 15:49 - 000000000 ____D C:\FRST
2024-10-29 18:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-29 18:15 - 2021-01-15 11:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-29 16:23 - 2024-04-30 06:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-10-29 15:58 - 2021-01-15 11:41 - 001719850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-29 15:58 - 2019-12-07 15:41 - 000730314 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-29 15:58 - 2019-12-07 15:41 - 000149130 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-29 15:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-10-29 15:52 - 2021-03-18 17:53 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ViberPC
2024-10-29 15:51 - 2021-01-15 11:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-29 15:51 - 2018-12-01 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-29 08:01 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-29 08:01 - 2015-11-09 13:21 - 000000000 ____D C:\Users\Petr\AppData\Local\Zoner
2024-10-29 07:44 - 2022-02-09 17:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-29 07:17 - 2021-01-24 16:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2024-10-29 07:16 - 2015-11-16 09:52 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2024-10-28 17:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-28 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-28 17:31 - 2021-01-15 11:35 - 000000000 ____D C:\Users\Petr
2024-10-27 06:50 - 2021-12-17 07:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-26 18:34 - 2020-07-18 07:16 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-26 15:24 - 2016-05-16 12:52 - 000000000 ____D C:\ProgramData\Zoner
2024-10-26 09:25 - 2022-09-16 16:20 - 000001584 _____ C:\Users\Petr\Desktop\Zoner Photo Studio X.lnk
2024-10-26 09:25 - 2019-11-18 09:24 - 000001586 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2024-10-26 08:02 - 2018-04-28 14:20 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2024-10-26 08:02 - 2018-04-28 14:20 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2024-10-26 08:02 - 2017-01-27 16:18 - 000000000 ____D C:\Program Files\Common Files\AV
2024-10-26 08:00 - 2022-02-12 08:59 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-26 08:00 - 2022-02-12 08:59 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-26 08:00 - 2018-04-28 14:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2024-10-26 07:58 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-25 10:09 - 2021-02-26 11:11 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-10-23 06:44 - 2017-12-07 21:42 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2024-10-22 14:34 - 2016-06-06 05:59 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2024-10-22 06:46 - 2022-08-29 15:35 - 000000000 ____D C:\Users\Petr\AppData\Local\Viber
2024-10-19 06:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-10-17 10:19 - 2016-08-25 13:05 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Stellarium
2024-10-16 11:07 - 2024-01-19 15:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-10-16 11:07 - 2023-11-14 08:17 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-10-16 06:51 - 2021-01-24 16:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2024-10-16 06:20 - 2015-11-09 12:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-10-15 07:15 - 2015-11-09 12:38 - 000001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-13 06:05 - 2023-10-12 12:49 - 000000000 ____D C:\Program Files\RUXIM
2024-10-11 18:44 - 2018-05-12 07:17 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2024-10-10 06:23 - 2021-01-15 11:47 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-10 06:23 - 2021-01-15 11:47 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-09 12:05 - 2021-01-15 11:33 - 000839368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-09 12:04 - 2019-12-07 15:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-09 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-09 06:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-09 06:55 - 2021-01-15 11:35 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-10-09 06:41 - 2022-09-26 16:05 - 000000000 ____D C:\Program Files (x86)\dotnet
2024-10-09 06:41 - 2016-01-31 16:42 - 000000000 ____D C:\ProgramData\Package Cache
2024-10-09 06:22 - 2015-11-09 13:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-09 06:17 - 2015-11-09 13:56 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-01 07:01 - 2024-02-06 08:43 - 000000000 ____D C:\Program Files\LibreOffice
==================== Files in the root of some directories ========
2016-09-29 18:40 - 2016-09-29 18:41 - 000053055 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2016-09-29 11:50 - 2016-09-29 11:50 - 000007952 _____ () C:\Program Files (x86)\Device Manager Setup Log.txt
2021-06-27 17:18 - 2024-05-31 14:28 - 000000383 _____ () C:\Users\Petr\AppData\Roaming\.ptbt
2023-11-24 18:35 - 2023-11-24 18:35 - 000000285 ___RH () C:\Users\Petr\AppData\Roaming\Empty.html
2024-08-03 18:33 - 2024-08-12 08:31 - 000000797 _____ () C:\Users\Petr\AppData\Roaming\PETR.MTBF.txt
2017-02-09 14:09 - 2017-02-09 14:09 - 000000843 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2016-09-22 09:30 - 2016-09-22 09:30 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
2017-05-15 09:05 - 2017-05-15 09:06 - 000000124 _____ () C:\Users\Petr\AppData\Local\Support.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2024
Ran by Petr (29-10-2024 19:05:06)
Running from C:\Users\Petr\Desktop
Microsoft Windows 10 Home Version 22H2 19045.5011 (X64) (2021-01-15 10:47:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1834460780-1804597299-4512973-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1834460780-1804597299-4512973-503 - Limited - Disabled)
Guest (S-1-5-21-1834460780-1804597299-4512973-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1834460780-1804597299-4512973-1005 - Limited - Enabled)
Petr (S-1-5-21-1834460780-1804597299-4512973-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-1834460780-1804597299-4512973-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner 2.5.1 (HKLM-x32\...\{A1264137-992D-4163-9158-FC398DD88DA4}) (Version: 2.5.4594.1 - Famatech)
Advanced Port Scanner v1.2 (HKLM-x32\...\Advanced Port Scanner v1.2) (Version: - )
android_driver_install.exe (HKLM-x32\...\android_driver_install_is1) (Version: - android)
ANT Drivers Installer x64 (HKLM\...\{FA7C068D-8079-4C87-ADF9-58779167B48F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Partition Assistant Standard Edition 7.5.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC17084FC500}) (Version: 23.008.20421 - Adobe Systems Incorporated)
Autopark (HKLM-x32\...\{C5C62278-B1BA-4615-9B4E-E1688935EF2F}) (Version: 2015.11.0003 - Autologis s.r.o.)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.15.0.833 - Ilya Morozov)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Google, Inc (androidusb) USB (12/11/2012 1.0.0009.00000) (HKLM\...\8E3B176889FB79CA6FE02DF2D2D6DE38BD9FC9F6) (Version: 12/11/2012 1.0.0009.00000 - Google, Inc)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Balíček ovladače systému Windows - Qualcomm (qcusbnet) Net (10/16/2012 1.0.7.9) (HKLM\...\C03E573DE1B7F7DE10352D707DF6C7E88C0FAA03) (Version: 10/16/2012 1.0.7.9 - Qualcomm)
Balíček ovladače systému Windows - Qualcomm Incorporated (qcusbser) Modem (10/26/2012 2.1.0.3) (HKLM\...\19E621CD1BB015A1069EB53B72E2877DC34F038C) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated)
Balíček ovladače systému Windows - Qualcomm Incorporated (qcusbser) Ports (10/26/2012 2.1.0.3) (HKLM\...\521149B020D2896EF887ED07E9FC74DD0C29C17A) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated)
Balíček ovladače systému Windows - Realtek Semiconductor Corp. (RtkBtFilter) Bluetooth (01/24/2022 1.9.1038.3002) (HKLM\...\E3B040ED000A889D37E43B9550A7CDAA898EED3B) (Version: 01/24/2022 1.9.1038.3002 - Realtek Semiconductor Corp.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blackmagic RAW Common Components (HKLM\...\{853720AF-81BE-4B04-9700-F32A053917B6}) (Version: 4.2 - Blackmagic Design)
Cable Device Driver Package verze 1,0,0,2 (HKLM-x32\...\{0A7B2832-22E0-4D8C-8BEB-3F24163C75C5}}_is1) (Version: 1,0,0,2 - mediaspects GmbH)
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
CanonSDK-SE TWAIN (HKLM-x32\...\CanonSDK-SE TWAIN_is1) (Version: - LaserSoft Imaging, Inc.)
CanoScan 8600F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4804) (Version: - )
CMS (HKLM-x32\...\CMS) (Version: - )
Corel VideoStudio Pro Title Pack (HKLM-x32\...\{1F57FEF3-3E49-4252-B977-B98D3A7C89D0}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM-x32\...\{2DD67752-A84F-493D-884B-A857CEE14A88}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM-x32\...\{34560654-E7ED-4D0C-B75B-C2DD243A3860}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM-x32\...\{466B8FC6-8D80-4DA1-BA2D-EC7094BD3C31}) (Version: 1.00.0000 - Corel Corporation) Hidden
Device Manager (HKLM-x32\...\Device Manager) (Version: - )
Digital Camera Utility 5 (HKLM\...\{3543A4FC-E5BA-4745-994C-3D2BE7841CFC}) (Version: 5.5.0 - RICOH IMAGING COMPANY, LTD.)
EKONOM - účetní a evidenční systém (HKLM-x32\...\{0C83C324-4BB4-4E82-96AA-D9FE4A4D97EE}) (Version: 1.00.0000 - Elisoft, s.r.o.)
Elevated Installer (HKLM-x32\...\{AAA7564C-7422-4DEC-90B9-B6DD2754C229}) (Version: 7.17.1.0 - Garmin Ltd or its subsidiaries) Hidden
FinePixViewer Ver.4.1 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: - )
Garmin BaseCamp (HKLM-x32\...\{a7339a73-aef7-4ce1-963f-e7396ba18511}) (Version: 4.7.4.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{B48BC415-D96D-4676-BAB5-66EFDA0D8D7B}) (Version: 4.7.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{a38f15c3-9b37-4025-ac33-cd9f4fe25556}) (Version: 7.17.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E103FA70-2F14-4F9A-91C3-26B9EA19F812}) (Version: 7.17.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{4e365b8d-ed6f-4316-a1b8-f8762eaed5a0}) (Version: 2.5.8 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{9644C9A2-DB70-40B2-9CD3-E025F9CD867D}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 130.0.6723.70 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Helicon Focus 8.2.2.0 (HKLM\...\Helicon Focus 8_is1) (Version: - Helicon Soft Ltd.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Hugin (HKLM\...\{4F3E5995-7C21-4F79-816C-AA45E86B8A76}) (Version: 20.19.2 - Hugin developer team)
ImageMixer VCD2 for FinePix (HKLM-x32\...\{934E9442-D305-4ACF-AD87-A6C11D677CB9}) (Version: - )
Infovox Desktop 2.2 (HKLM-x32\...\{52C32940-C538-40CF-8DE9-B91090F49938}) (Version: 2.220.3 - Acapela Group)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Kaspersky (HKLM-x32\...\{9A1A3E64-2461-35F4-A2A9-8DA0EAC66B6D}) (Version: 21.19.7.527 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{9A1A3E64-2461-35F4-A2A9-8DA0EAC66B6D}) (Version: 21.19.7.527 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{8EB91B7C-28B6-453E-8EA8-F1D8BEE3716E}) (Version: 23.2.0.242 - Kaspersky) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{8EB91B7C-28B6-453E-8EA8-F1D8BEE3716E}) (Version: 23.2.0.242 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{78842D83-A5DB-3DAD-970E-A67A0A41EA83}) (Version: 21.18.5.438 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{78842D83-A5DB-3DAD-970E-A67A0A41EA83}) (Version: 21.18.5.438 - Kaspersky)
Kingston SSD Manager version 1.1.1.8 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.1.8 - Kingston Digital, Inc)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 24.8.2.1 (HKLM\...\{2B5B0425-12C7-4D48-ACA8-38CCA3082A81}) (Version: 24.8.2.1 - The Document Foundation)
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.35 (x86) (HKLM-x32\...\{8E9133B2-E53B-4711-A13D-BDDCFFABE4F9}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.35 (x86) (HKLM-x32\...\{EDEF1977-65C8-407E-A4AE-5FE3699ACDF2}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x86) (HKLM-x32\...\{BBEA8EBD-9170-4B66-8343-9A763011DED4}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.52 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 (HKLM-x32\...\{2cfeba4a-21f8-4ea7-9927-c5a5c6f13cc9}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33130 (HKLM-x32\...\{5CA9AE7B-2EFC-4F02-81CD-32ABE173C755}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33130 (HKLM-x32\...\{DF1B52DF-C88E-4DDF-956B-6E7A03327F46}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x86) (HKLM-x32\...\{0963AE98-F2C6-42A0-BF25-F0BC52787B35}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x86) (HKLM-x32\...\{6155852e-c88e-4c56-b194-2178353598fb}) (Version: 6.0.35.34113 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (HKLM\...\{680EDA59-9266-44B4-949E-0C24F65DFF82}) (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM-x32\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 131.0.3 (x64 cs)) (Version: 131.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 131.0.3.223 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version: - )
Nezmeškej (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\Nezmeškej) (Version: "3.9.5" - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 204.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 204.61 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.0 - OBS Project)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{F0C70F68-E57F-4D76-A012-E20F8E12946E}) (Version: 1.4.1 - OLYMPUS IMAGING CORP.)
Olympus Workspace (HKLM-x32\...\{758E4460-B29F-4391-A4FF-983D994E65AE}) (Version: 1.4.1 - OM Digital Solutions Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH)
PENTAX Digital Camera Utility (HKLM-x32\...\PENTAX Digital Camera Utility) (Version: - )
PHOTOfunSTUDIO 9.3 PE (HKLM-x32\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.6.589 - Jan Fiala)
PSPad editor (HKLM-x32\...\PSPad editor 32bit_is1) (Version: 5.0.7.775 - Jan Fiala)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 7.11.1.0726 - QNAP Systems, Inc.)
RAW FILE CONVERTER LE (HKLM-x32\...\{D680C913-5955-469D-9D88-C1940F7506D6}) (Version: - )
RawDigger x64 1.3.0.634 (HKLM\...\RawDigger_is1) (Version: 1.3.0.634 - LibRaw,LLC)
RawTherapee verze 5.8 (HKLM\...\RawTherapee5.8_is1) (Version: 5.8 - rawtherapee.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
SilverFast CanonSDK-SE (HKLM-x32\...\SilverFast CanonSDK-SE_is1) (Version: - LaserSoft Imaging, Inc.)
SilverFast SE CD Documentation 6.4.0 (HKLM-x32\...\SilverFast SE CD Documentation_is1) (Version: - LaserSoft Imaging AG)
Spyder3Elite (HKLM-x32\...\Spyder3Elite) (Version: - )
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Telegram Desktop (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.6.3 - Telegram FZ-LLC)
TK-Czech_Republic-Basemap (HKLM-x32\...\TK-Czech_Republic-Basemap) (Version: - )
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 2.3.3) (Version: 3.7.0 - Topaz Labs LLC)
Topaz Photo AI (HKLM\...\{058B044A-5D2E-4436-B244-64DF27D6FFB9}) (Version: 2.3.2 - Topaz Labs LLC)
Topaz Sharpen AI (HKLM\...\Topaz Sharpen AI 2.1.8) (Version: 4.1.0 - Topaz Labs LLC)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{D370CC5A-0931-4AAB-9ACB-A885C6F7E1E7}) (Version: 14.9.1.0 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\{7d71a736-9500-412c-98f9-3516e4dbfd4b}) (Version: 14.9.1.0 - 2010-2021 Viber Media S.a.r.l)
ViewSonic vDisplay Manager2.0 (HKLM-x32\...\{66425BDF-E3B8-4E11-9A1A-CE79BDFB6ABC}) (Version: 2.4.1.15 - ViewSonic ) Hidden
ViewSonic vDisplay Manager2.0 (HKLM-x32\...\InstallShield_{66425BDF-E3B8-4E11-9A1A-CE79BDFB6ABC}) (Version: 2.4.1.15 - ViewSonic )
ViewSonic Windows 10 64bit Signed Files (HKLM-x32\...\{FC47C7A5-BE63-11D5-B7C9-005004566E4D}) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
WhatsApp (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zerene Stacker 1.04T2021-02-16-2045 (HKLM\...\{3C69B65F-770A-444B-8F31-F1ABDAA9D000}_is1) (Version: - Zerene Systems, LLC)
Zoner Photo Studio X CS (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\ZPS X) (Version: 19.2409.2.582 - ZONER a.s.)
Zoom (HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.279.200.0_x64__kgqvnymyfvs32 [2024-10-16] (king.com)
CrystalDiskMark Shizuku Edition -> C:\Program Files\WindowsApps\45313CrystalDewWorld.CrystalDiskMark5ShizukuEditio_8.0.13.0_x64__kfjz01bcdaj9c [2024-02-27] (Crystal Dew World)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-16] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_21.1.500.0_x64__4n2hpmxwrvr6p [2024-08-20] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.11.8191.0_x64__8wekyb3d8bbwe [2024-09-05] (Microsoft Studios)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-02-23] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2024-02-23] (Twitter Inc.)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.1.0.0_x64__8wekyb3d8bbwe [2024-10-26] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-12] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{DF1F7848-595D-4570-8E7C-35F77861C552}\InprocServer32 -> C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\ZpsThumbnailHandler.dll (ZONER a.s. -> )
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> "C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2020-04-04] (Ilya Morozov) [File not signed]
ContextMenuHandlers1: [Kaspersky Standard 21.19] -> {05E95079-6931-45C1-AC05-4CC75DB1A236} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\shellex.dll [2024-10-26] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Standard 21.19] -> {05E95079-6931-45C1-AC05-4CC75DB1A236} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\shellex.dll [2024-10-26] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Standard 21.19] -> {05E95079-6931-45C1-AC05-4CC75DB1A236} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\shellex.dll [2024-10-26] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_3fdc28965142b351\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Standard 21.19] -> {05E95079-6931-45C1-AC05-4CC75DB1A236} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\shellex.dll [2024-10-26] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1834460780-1804597299-4512973-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nezmeškej\Internetové stránky programu Nezmeškej.lnk -> hxxp://www.nezmeskej.cz
Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat ()
==================== Loaded Modules (Whitelisted) =============
2010-04-16 10:01 - 2010-04-16 10:01 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\Appearance Pak.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000266240 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\CGamma.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000065536 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\CSensor.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000025600 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\MBSPluginVersionPlugin16042.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\MBSRegistrationPlugin16042.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000868352 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\RBScript.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000147456 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\RegEx.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000098304 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\Shell.dll
2010-04-16 10:01 - 2010-04-16 10:01 - 000762368 _____ () [File not signed] C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility Libs\XML.dll
2024-07-26 03:18 - 2024-07-26 03:18 - 003825664 _____ () [File not signed] c:\program files (x86)\qnap\qfinder\dhconfigsdk.dll
2024-07-26 03:18 - 2024-07-26 03:18 - 019337216 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qfinder\dhnetsdk.dll
2024-07-26 03:18 - 2024-07-26 03:18 - 000176640 _____ () [File not signed] C:\Program Files (x86)\QNAP\Qfinder\quazip.dll
2018-05-09 07:39 - 2012-04-16 04:00 - 000389120 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMBA.DLL
2018-04-08 13:24 - 2012-03-28 18:00 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2009-06-24 09:57 - 2009-06-24 09:57 - 000029696 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-06-24 09:57 - 2009-06-24 09:57 - 000032768 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-06-24 09:57 - 2009-06-24 09:57 - 000031744 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2016-07-07 14:40 - 2019-02-22 09:31 - 000120072 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2024-07-26 03:19 - 2024-07-26 03:19 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\QNAP\Qfinder\LIBEAY32.dll
2024-07-26 03:19 - 2024-07-26 03:19 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\program files (x86)\qnap\qfinder\ssleay32.dll
2024-07-26 03:19 - 2024-07-26 03:19 - 002229760 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\QNAP\Qfinder\libcrypto-1_1.dll
2024-07-26 03:19 - 2024-07-26 03:19 - 000534528 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\QNAP\Qfinder\libssl-1_1.dll
2024-05-29 10:14 - 2024-05-29 10:14 - 005109232 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\QNAP\Qfinder\Qt5Core.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> 1BAB602F6DABA2C74C4986FAF14EF195 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> 302F0967A7A409F4A3CAB50A33351AEF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> 4901F88B9647C6BE9C7F26C28E1A69A0 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> FE0212FE46E844661C9B8E861B152BCF URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {316C7F0E-605F-46AF-BBAD-4E5CA7A5EF76} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {3AAF4E7A-8D58-4CC0-9E48-D5C7B2F921CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {62519E05-71D2-4670-84E1-71254DD02F9C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {80EECFA4-E37D-4BA3-9046-5C2A817C66FE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {9745FDED-77F0-4D62-A009-139515B742C4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {A4EB0DBF-7D34-4116-A346-963463F44D1C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {C5991C52-1821-402A-BD79-0D3E3C2CFEBA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {CCA3D3D7-3BC9-4974-94BC-D9109DB3714A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1834460780-1804597299-4512973-1001 -> {DA513F2E-F275-4C77-9FA5-7F299DB5C5A6} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\sharepoint.com -> hxxps://halln7zz-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-10-31 07:55 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft\Web Platform Installer\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\Control Panel\Desktop\\Wallpaper -> d:\pictures\r2019\p1040549.jpg
DNS Servers: 10.10.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Síť Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Připojení k místní síti: Kaspersky VPN -> kltun.sys
KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Exif Launcher.lnk"
HKLM\...\StartupApproved\Run32: => "HPUsageTrackingLEDM"
HKLM\...\StartupApproved\Run32: => "Speechtech TTS 32-bit preload"
HKLM\...\StartupApproved\Run32: => "OV3_Monitor"
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1834460780-1804597299-4512973-1001\...\StartupApproved\Run: => "OV3_Monitor"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4BF76689-C9BE-43D1-8924-76E00DD7821A}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{6CC4B0FC-D59E-4CE7-A4D5-C95F36F2105E}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe () [File not signed]
FirewallRules: [TCP Query User{5408445D-98E8-48E5-A9C1-2BA7DD12E2D4}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe () [File not signed]
FirewallRules: [UDP Query User{AF33C552-5147-4DBB-B25B-118ADDA722A2}C:\program files (x86)\device manager\devicemanage.exe] => (Allow) C:\program files (x86)\device manager\devicemanage.exe () [File not signed]
FirewallRules: [TCP Query User{95F05FB8-A740-4C96-878E-FE34D5D6C191}C:\program files (x86)\device manager\devicemanage.exe] => (Allow) C:\program files (x86)\device manager\devicemanage.exe () [File not signed]
FirewallRules: [UDP Query User{56D5B18B-06C3-4ED6-9628-5491111825C7}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{A18A8D87-AB7B-443C-8F58-E4E768D5DFA7}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{C476FCD7-F2FD-41AE-B83B-312B07CFC3D2}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{CBBE9CD6-A7AD-48FB-99F3-B064D4F79A4F}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{659278AC-D6A7-4A2C-BE51-895FE21301C5}] => (Allow) C:\Program Files (x86)\Garmin\Express\express.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
FirewallRules: [{7C28AFF3-2D55-49CF-8424-6E1F26355796}] => (Allow) C:\Program Files (x86)\Garmin\Express\express.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
FirewallRules: [{90493BA2-146B-4277-9394-9FCB57ADBCD1}] => (Allow) C:\Program Files (x86)\Garmin\Express\express.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
FirewallRules: [{8E0F8213-16D4-43B5-B88A-6DF04154D65A}] => (Allow) C:\Program Files (x86)\Garmin\Express\express.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
FirewallRules: [{61088E09-84D7-4A0C-8C9E-046508B8F42B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C8E3FAE9-942C-4383-AFCA-C4FF6315AFBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C38D2F0F-FB59-4C70-B40E-375C6D865B38}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1C68BA6B-D36E-46E3-A09D-8AA27DEC9979}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{070BE49C-D32E-49E9-A0FF-221931751914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{61BD0A1A-FD86-4349-8076-4972260B2F8C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5301C7DB-C2FD-4217-9F29-6DE053C74D49}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [UDP Query User{18C97E4A-A76E-46D1-90B8-AB7165300E91}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [{E802F589-3FFD-4414-B5C9-4679E08540A2}] => (Allow) C:\Users\Petr\AppData\Local\Programs\Opera\101.0.4843.43\opera.exe => No File
FirewallRules: [{10F9E572-CA1A-4DF6-937C-FFD3211B7636}] => (Allow) C:\Users\Petr\AppData\Local\Programs\Opera\102.0.4880.16\opera.exe => No File
FirewallRules: [{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}] => (Allow) C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{5B5579CA-5803-4482-B9A0-5B10B1C32826}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{D042F362-26D2-433E-B72B-9F2E23A487D4}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{7CF43036-2D9A-42F5-B78F-23509646624E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{8FE7277C-F5F2-4DD1-8360-647912B1C249}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{2785E762-F143-4427-B375-7CC4C83421CC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{76931BB2-66F7-4A5C-A65A-6D201501DB34}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{70F426BE-133C-44B8-AB44-6B291A0107AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{F20CF35E-AB0D-4667-BFA2-6C893B9D408F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F241184B-A18E-40CF-BD07-F3E2ED958002}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3CDAF72-E37F-480C-9D2F-12269DA8B06E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{41569B4E-CDF5-415A-9490-23B199DD6D46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{803646EC-E7F4-470E-914E-2939A80EFF1D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F04AD6BA-565F-415C-9528-7C77ACFED91F}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [UDP Query User{1103EE90-E5B0-4538-8C04-35CBA0DC543F}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe (QNAP Systems, Inc. -> QNAP)
FirewallRules: [{880275BE-4E68-4ABD-9879-42975D29C5A3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
13-10-2024 13:43:20 Naplánovaný kontrolní bod
22-10-2024 11:55:42 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/29/2024 03:51:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: app_updater.exe, verze: 1.1.5.708, časové razítko: 0x5d22f5b2
Název chybujícího modulu: zlib1.dll, verze: 1.2.8.0, časové razítko: 0x5190dfa0
Kód výjimky: 0xc0000005
Posun chyby: 0x00003650
ID chybujícího procesu: 0xef4
Čas spuštění chybující aplikace: 0x01db2a120c81c022
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
ID zprávy: 2488c653-fe79-40c8-8217-165561559a8d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/29/2024 03:51:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5ef59988
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.5007, časové razítko: 0x0943bdcd
Kód výjimky: 0xe0434352
Posun chyby: 0x001410a2
ID chybujícího procesu: 0xeec
Čas spuštění chybující aplikace: 0x01db2a120c81ab90
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: da831abf-2fa4-4c35-aadf-e0a1923774e1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/29/2024 03:51:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (10/29/2024 06:52:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: app_updater.exe, verze: 1.1.5.708, časové razítko: 0x5d22f5b2
Název chybujícího modulu: zlib1.dll, verze: 1.2.8.0, časové razítko: 0x5190dfa0
Kód výjimky: 0xc0000005
Posun chyby: 0x00003650
ID chybujícího procesu: 0x11d0
Čas spuštění chybující aplikace: 0x01db29c6acbd08a6
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
ID zprávy: 82fa2e5a-47f1-4be9-b919-c685b7945d63
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/29/2024 06:52:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5ef59988
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.5007, časové razítko: 0x0943bdcd
Kód výjimky: 0xe0434352
Posun chyby: 0x001410a2
ID chybujícího procesu: 0x11d8
Čas spuštění chybující aplikace: 0x01db29c6acbd228a
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a1a8903d-60fe-4fde-bd5b-e1150861e805
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/29/2024 06:52:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Program.Main(System.String[])
Error: (10/29/2024 06:37:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: app_updater.exe, verze: 1.1.5.708, časové razítko: 0x5d22f5b2
Název chybujícího modulu: zlib1.dll, verze: 1.2.8.0, časové razítko: 0x5190dfa0
Kód výjimky: 0xc0000005
Posun chyby: 0x00003650
ID chybujícího procesu: 0x11c8
Čas spuštění chybující aplikace: 0x01db29c482f033a8
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
ID zprávy: 8b4c3869-1c7d-4f84-8e0b-bb19a1df6caa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/29/2024 06:36:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5ef59988
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.5007, časové razítko: 0x0943bdcd
Kód výjimky: 0xe0434352
Posun chyby: 0x001410a2
ID chybujícího procesu: 0x11ac
Čas spuštění chybující aplikace: 0x01db29c482f00095
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 144649db-67b2-424a-9552-62ce7d2c9c97
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/29/2024 05:07:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/29/2024 04:17:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/29/2024 03:53:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/29/2024 03:53:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/29/2024 03:51:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Digital Wave Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/29/2024 03:51:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/29/2024 03:51:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).
Error: (10/29/2024 03:51:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba kpm_service_23.2 skončila s následující chybou specifickou pro službu:
%%2147483753
CodeIntegrity:
===============
Date: 2024-10-29 16:17:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.19\x64\com_antivirus.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1616 10/05/2012
Motherboard: ASUSTeK COMPUTER INC. P8Z77-M
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 32%
Total physical RAM: 16329.56 MB
Available physical RAM: 11083.67 MB
Total Virtual: 16329.56 MB
Available Virtual: 10344.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.28 GB) (Free:69.74 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:247.42 GB) (Model: WDC WD10EZEX-08M2NA0) NTFS
Drive f: (32_00_00) (Fixed) (Total:931.51 GB) (Free:201.89 GB) (Model: WDC WD10 EAVS-00D7B1 USB Device) NTFS
Drive h: (VERBATIM HD) (Fixed) (Total:931.28 GB) (Free:102.58 GB) (Model: TOSHIBA MQ01ABD100 USB Device) FAT32
\\?\Volume{dc828bda-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS
\\?\Volume{dc828bda-0000-0000-0000-b0a737000000}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS
\\?\Volume{dc828bda-0000-0000-0010-f2c737000000}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: DC828BDA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)
Partition 4: (Not Active) - (Size=455 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5CD73566)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: A7847012)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: BB2073AC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=FAT32)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Vnislav
- Návštěvník
- Příspěvky: 43
- Registrován: 21 kvě 2009 16:33
- Bydliště: Frýdek-Místek
- Kontaktovat uživatele:
Prosím o kontrolu
Vnislav
http://sagitt.net
http://sagitt.net
-
Rudy
- Site Admin
- Příspěvky: 119314
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {E0D4E453-441B-47FB-BB87-DCB5805C0182} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-01-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-01-20] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> "C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}] => (Allow) C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{5B5579CA-5803-4482-B9A0-5B10B1C32826}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{D042F362-26D2-433E-B72B-9F2E23A487D4}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{7CF43036-2D9A-42F5-B78F-23509646624E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{8FE7277C-F5F2-4DD1-8360-647912B1C249}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{2785E762-F143-4427-B375-7CC4C83421CC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{76931BB2-66F7-4A5C-A65A-6D201501DB34}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{70F426BE-133C-44B8-AB44-6B291A0107AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Vnislav
- Návštěvník
- Příspěvky: 43
- Registrován: 21 kvě 2009 16:33
- Bydliště: Frýdek-Místek
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2024
Ran by Petr (29-10-2024 21:40:08) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {E0D4E453-441B-47FB-BB87-DCB5805C0182} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-01-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-01-20] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> "C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}] => (Allow) C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{5B5579CA-5803-4482-B9A0-5B10B1C32826}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{D042F362-26D2-433E-B72B-9F2E23A487D4}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{7CF43036-2D9A-42F5-B78F-23509646624E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{8FE7277C-F5F2-4DD1-8360-647912B1C249}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{2785E762-F143-4427-B375-7CC4C83421CC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{76931BB2-66F7-4A5C-A65A-6D201501DB34}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{70F426BE-133C-44B8-AB44-6B291A0107AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0D4E453-441B-47FB-BB87-DCB5805C0182}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D4E453-441B-47FB-BB87-DCB5805C0182}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1655300201 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1655300201" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => not found
"C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1655300201" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1655300201" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B5579CA-5803-4482-B9A0-5B10B1C32826}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D042F362-26D2-433E-B72B-9F2E23A487D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CF43036-2D9A-42F5-B78F-23509646624E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FE7277C-F5F2-4DD1-8360-647912B1C249}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2785E762-F143-4427-B375-7CC4C83421CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76931BB2-66F7-4A5C-A65A-6D201501DB34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70F426BE-133C-44B8-AB44-6B291A0107AA}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 444543384 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 3587181 B
Edge => 0 B
Chrome => 2747602579 B
Firefox => 1245887491 B
Opera => 425802199 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 55 B
systemprofile32 => 55 B
LocalService => 55 B
NetworkService => 55 B
Petr => 43203661 B
RecycleBin => 1097166865 B
EmptyTemp: => 5.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:52:33 ====
Ran by Petr (29-10-2024 21:40:08) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {E0D4E453-441B-47FB-BB87-DCB5805C0182} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {B0F9C9EA-979F-40E8-9E1A-80119D79022F} - System32\Tasks\Opera scheduled Autoupdate 1655300201 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-01-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-01-20] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d}\localserver32 -> "C:\Program Files\Skylum\Luminar Neo\Luminar Neo.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}] => (Allow) C:\Users\Petr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\RM.exe => No File
FirewallRules: [{5B5579CA-5803-4482-B9A0-5B10B1C32826}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\NGStudio.exe => No File
FirewallRules: [{D042F362-26D2-433E-B72B-9F2E23A487D4}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}] => (Allow) C:\Program Files\Pinnacle\Studio Trial\programs\UMI.exe => No File
FirewallRules: [{7CF43036-2D9A-42F5-B78F-23509646624E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{8FE7277C-F5F2-4DD1-8360-647912B1C249}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{2785E762-F143-4427-B375-7CC4C83421CC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{76931BB2-66F7-4A5C-A65A-6D201501DB34}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{70F426BE-133C-44B8-AB44-6B291A0107AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E0D4E453-441B-47FB-BB87-DCB5805C0182}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D4E453-441B-47FB-BB87-DCB5805C0182}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{6C19A204-69D4-49BF-A4B5-FE28AF82E978}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1655300201 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1655300201" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0F9C9EA-979F-40E8-9E1A-80119D79022F}" => not found
"C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1655300201" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1655300201" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
HKU\S-1-5-21-1834460780-1804597299-4512973-1001_Classes\CLSID\{fa5312d1-0b58-428a-bd93-3b87ef89945d} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CD92558-0A7E-4ACE-84C0-DFAB338AB580}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64A1F6FA-CE4C-49AD-BDC0-1C8EEF645DC3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B60EEEA-6E88-4F21-9556-C42A3CC795EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B5579CA-5803-4482-B9A0-5B10B1C32826}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F862CBC9-AB36-43D0-A57C-BAB7ED27104E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D042F362-26D2-433E-B72B-9F2E23A487D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{337D7F3A-B68F-4B5A-BA14-CEFBD2D9CC93}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CF43036-2D9A-42F5-B78F-23509646624E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90E93CB4-FCEE-41A3-B7A2-E5DC19FFA1D5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96FF562B-44A2-4995-A983-2E9C6BB4DF5D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FE7277C-F5F2-4DD1-8360-647912B1C249}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2785E762-F143-4427-B375-7CC4C83421CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B177A80-2DC5-4EBD-9214-08393CC8B3F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76931BB2-66F7-4A5C-A65A-6D201501DB34}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70F426BE-133C-44B8-AB44-6B291A0107AA}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 444543384 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 3587181 B
Edge => 0 B
Chrome => 2747602579 B
Firefox => 1245887491 B
Opera => 425802199 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 55 B
systemprofile32 => 55 B
LocalService => 55 B
NetworkService => 55 B
Petr => 43203661 B
RecycleBin => 1097166865 B
EmptyTemp: => 5.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:52:33 ====
Vnislav
http://sagitt.net
http://sagitt.net
-
Rudy
- Site Admin
- Příspěvky: 119314
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Vnislav
- Návštěvník
- Příspěvky: 43
- Registrován: 21 kvě 2009 16:33
- Bydliště: Frýdek-Místek
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Rudy děkuji, poslal jsem vám drobný příspěvek na provoz, vždy jsi pomohl a i tentokrát jsi s tím měl práci, ale tentokrát se bohužel nepodařilo. Problém s otevřením chráněného prohlížeče při platbách přes internet nadále přetrvává 
Vnislav
http://sagitt.net
http://sagitt.net
-
Rudy
- Site Admin
- Příspěvky: 119314
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Nemáte zač. Co se stane, pokud vypnete Kasperského?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Vnislav
- Návštěvník
- Příspěvky: 43
- Registrován: 21 kvě 2009 16:33
- Bydliště: Frýdek-Místek
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Když Kasperského vypnu, tak se chráněný prohlížeč vypne také, je to součást antiviru, ale ráno jsem zjistil zajímavou skutečnost (možná i příčinu, proč to na notebooku funguje). To blikání okna vzniká jen v plně otevřeném okně. A ono si to pamatuje velikost minule otevřeného okna. Když se mi tedy podaří kliknout v blikajícím okně v pravém horním rohu, kliknout na ikonku zmenšení okna, tak blikání skončí a vše už probíhá standardně.
Přišel jsem na to náhodou, když jsem zkusil chráněné okno otevřít v Edge.
Přišel jsem na to náhodou, když jsem zkusil chráněné okno otevřít v Edge.
Vnislav
http://sagitt.net
http://sagitt.net
-
Rudy
- Site Admin
- Příspěvky: 119314
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
To je možné. Chráněný prohlížeč Kaspersky neznám. Díky za nasměrování.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Pro), 10.0.19045.5073 (ReleaseId: 2009), Service Pack: 0
Time: 03.11.2024 - 19:43 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: lenha (group: Administrator) on PRACOVNA-PC, FirstRun: yes
Chrome: 130.0.6723.92
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (Avast Secure Browser)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
3 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
1 C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
1 C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
1 C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
2 C:\Program Files (x86)\eM Client\MailClient.exe
1 C:\Program Files\Avast Software\Avast\AvastNM.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
4 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\afwServ.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
35 C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe
1 C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
3 C:\Program Files\Avast Software\Cleanup\TuneupUI.exe
3 C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnNM.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
7 C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
1 C:\Program Files\Private Internet Access\pia-service.exe
1 C:\Program Files\Sandboxie\SbieCtrl.exe
1 C:\Program Files\Sandboxie\SbieSvc.exe
1 C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
1 C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
1 C:\Users\lenha\AppData\Local\Programs\Opera beta\115.0.5322.36\opera_crashreporter.exe
24 C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
1 C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
1 C:\Users\lenha\OneDrive\Plocha\HiJackThis\HiJackThis.exe
1 C:\Windows\SysWOW64\HsMgr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
1 C:\Windows\System32\OpenSSH\sshd.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\cmd.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E_YATIR4E.EXE
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\System\HsMgr64.exe
1 C:\Windows\explorer.exe
1 D:\Program Files\Microvirt\MEmu\MemuService.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/sea ... utEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [URL] = http://www.google.com/search?q={searchTerms} - Google
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O2-32 - HKLM\..\BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O3-32 - HKLM\..\Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk -> C:\Program Files (x86)\Avast Software\SecureLine VPN\Vpn.exe /nogui
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L3050 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6D574DA12716EFB537B92F0EEBFCAF06] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B35CAAF2922F2B86A8380284712FD151] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Opera Next] = C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
O4 - HKCU\..\Run: [SandboxieControl] = C:\Program Files\Sandboxie\SbieCtrl.exe
O4 - HKCU\..\Run: [Zoner Media Server 19] = C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
O4 - HKCU\..\Run: [eM Client] = C:\Program Files (x86)\eM Client\MailClient.exe /startup
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --component-updater=url-source=https://go-updater.brave.com/extensions ... extensions --disable-domain-reliability --enable-distillability-service --enable-dom-distiller --lso-url=https://no-thanks.invalid --no-startup-window --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --prefetch:5 --sync-url=https://sync-v2.brave.com/v2 --variations-insecure-server-url=https://variations.brave.com/seed --variations-server-url=https://variations.brave.com/seed --restore-last-session --restart
O4 - HKCU\..\StartupApproved\Run: [DeepL] = C:\Users\lenha\AppData\Local\DeepL\app-2.7.11979\DeepL.exe --minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\lenha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE (2022/05/25)
O4 - HKCU\..\StartupApproved\Run: [GarminExpress] = C:\Program Files (x86)\Garmin\Express\express.exe /minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode (2024/09/25)
O4 - HKCU\..\StartupApproved\Run: [Kryptex] = C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Microsoft Edge Update] = C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateCore.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Weto Bulletin] = C:\Weto\Liberta\Program\Weto_Bulletin.exe /c (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.autoupdate] = C:\Users\lenha\AppData\Roaming\Seznam.cz\szninstall.exe -c (2022/03/04)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.szndesktop] = C:\Users\lenha\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q (2022/03/04)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Cmaudio8788GX64] = C:\WINDOWS\system\HsMgr64.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788GX] = C:\WINDOWS\syswow64\HsMgr.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788] = C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
O4 - HKLM\..\Run: [TuneupUI.exe] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PDFPrint] = C:\Program Files (x86)\PDF24\pdf24.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PMBVolumeWatcher] = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun (2022/12/18)
O4 - HKLM\..\StartupApproved\Run32: [SPUpDateServerrun] = C:\Program Files (x86)\hik\update_server\startUp.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [WDDiscovery] = C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe --autolaunch (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [seznam-listicka-distribuce] = C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [EPPCCMON] = C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (2024/10/07)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Khadas Tone Control Panel Autostart.lnk -> C:\Program Files\Khadas\Tone Driver\W10_x64\KhadasUsbAudioCpl.exe -hide (2022/05/25)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Thesycon\TUSBAudio Driver EVAL\W10_x64\TUSBAudioCpl.exe -hide (2024/10/07)
O4 - HKU\.DEFAULT\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-19\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O17 - DHCP DNS 1: 192.168.163.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay01: WDDesktopIconOverlay_Syncing - {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay02: WDDesktopIconOverlay_SyncFailed - {0176BDDE-B59A-4A1E-808B-CAD461415CCA} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay03: WDDesktopIconOverlay_SyncedAndShared - {B65909D1-57AF-41F5-AB94-BEB733F62B35} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay04: WDDesktopIconOverlay_Synced - {C6C2397D-8238-4332-8935-86C39C7C165F} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay05: WDDesktopIconOverlay_PrivateShare - {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay06: WDDesktopIconOverlay_PublicShare - {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 01UnsuppModule: UnsuppModule Class - {AEB16659-2125-4ADA-A4AB-45EE21E86469} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 02SyncingModule: SyncingModule Class - {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 03SyncedModule: SyncedModule Class - {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 04ReadOnlyModule: ReadOnlyModule Class - {A433C3E0-8B24-40EB-93C3-4B10D9959F58} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 05NoPermModule: NoPermModule Class - {C701AD67-3DF0-47C9-89CB-DFA6207BE229} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\x86\ashShell.dll
O21-32 - HKLM\..\ShellServiceObjectDelayLoad: Virtual Storage Mount Notification [WDFSMountNotificator-wdfsconnect2017] = {2AB64452-BF56-46EB-AB36-C0BCBD63DE90} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
O22 - Task (.job): (Not scheduled) EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task (.job): DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\WINDOWS\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Task: (disabled) ATuning - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\ATuning.exe
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: (disabled) AsrAPPShop - C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) Christmas Task (One-Time) - C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\xmas.exe /xr (file missing)
O22 - Task: (disabled) DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: (disabled) DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Task: (disabled) KryptexElevation - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe
O22 - Task: (disabled) KryptexElevationFromStartup - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup
O22 - Task: (disabled) SoftwareInformerService - C:\Program Files\Software Informer\softinfo.exe -service
O22 - Task: (disabled) StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: (disabled) StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: (disabled) Tweaking.com - Windows Repair Tray Icon - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
O22 - Task: (disabled) Uninstaller_SkipUac_lenha - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
O22 - Task: (disabled) WD Device Agent Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
O22 - Task: (disabled) WD Discovery Service Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-4160050988-2886862043-3056562062-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (disabled) iTop Halloween Task (One-Time) - C:\Program Files\iTop Screen Recorder\Pub\itophalwp23.exe /halw (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=KBRG --productVersion=9.1 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall
O22 - Task: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Task: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Task: AvastBrowserProtectS-1-5-21-4160050988-2886862043-3056562062-1001 - C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe --runonce
O22 - Task: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Task: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Task: EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001Core - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001UA - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: Opera scheduled Autoupdate 1613514748 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1625161053 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1691443487 - C:\Users\lenha\AppData\Local\Programs\Opera beta\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1579852411 - C:\Program Files\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1613514752 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1625161061 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Zoner.Updater.S-1-5-21-4160050988-2886862043-3056562062-1001 - C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe --silent true
O22 - Task: \Avast Software\Avast Cleanup BugReport - C:\Program Files\Avast Software\Cleanup\AvBugReport.exe --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid bdb3cda0-e315-4a8d-aaaa-0656510e1ec8
O22 - Task: \Avast Software\Avast Cleanup Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe /update:avast-tu /silent
O22 - Task: \Avast Software\Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Bug Report - C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 3d202049-042e-47e2-8d7c-8c46606067eb
O22 - Task: \Avast Software\Avast SecureLine VPN Emergency Update - C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe /update:avast-vpn /silent
O22 - Task: \Avast Software\AvastAntiTrackPremiumStart - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe -minimizedBoot
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{53187A67-62C0-4A8E-AFEA-93DADFD39509} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\WINDOWS\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Avast AntiTrack Service - (AvastAntiTrackSvc) - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Cleanup - (CleanupPSvc) - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service R2: Avast Firewall Service - (avast! Firewall) - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service R2: Avast SecureLine VPN - (SecureLine) - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Updater Service - (AviraUpdaterService) - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MEmuSVC - D:\Program Files\Microvirt\MEmu\MemuService.exe
O23 - Service R2: Private Internet Access Service - (PrivateInternetAccessService) - C:\Program Files\Private Internet Access\pia-service.exe
O23 - Service R2: Sandboxie Service - (SbieSvc) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service S2: Aktualizační služba Google (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update
O23 - Service S2: Interní aktualizační služba Google (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S2: Služba Aktualizace Brave (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Služba Avast Browser Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - (AvastSecureBrowserElevationService) - C:\Program Files\AVAST Software\Browser\Application\129.0.26740.101\elevation_service.exe
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\130.1.71.121\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.92\elevation_service.exe
O23 - Service S3: LibreOffice Maintenance Service - (LibreOfficeMaintenance) - C:\Program Files\LibreOffice\program\update_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Private Internet Access WireGuard Tunnel - (PrivateInternetAccessWireguard) - C:\Program Files\Private Internet Access\pia-wgservice.exe "C:\Program Files\Private Internet Access\data\wgpia0.conf"
O23 - Service S3: Služba Aktualizace Brave (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Služba Avast Browser Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 8,2 sec. - 82126 bytes, CRC32: FFFFFFFF. Sign: 嫧ᖈ
Platform: x64 Windows 10 (Pro), 10.0.19045.5073 (ReleaseId: 2009), Service Pack: 0
Time: 03.11.2024 - 19:43 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: lenha (group: Administrator) on PRACOVNA-PC, FirstRun: yes
Chrome: 130.0.6723.92
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (Avast Secure Browser)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
3 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
1 C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
1 C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
1 C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
2 C:\Program Files (x86)\eM Client\MailClient.exe
1 C:\Program Files\Avast Software\Avast\AvastNM.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
4 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\afwServ.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
35 C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe
1 C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
3 C:\Program Files\Avast Software\Cleanup\TuneupUI.exe
3 C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnNM.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
7 C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
1 C:\Program Files\Private Internet Access\pia-service.exe
1 C:\Program Files\Sandboxie\SbieCtrl.exe
1 C:\Program Files\Sandboxie\SbieSvc.exe
1 C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
1 C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
1 C:\Users\lenha\AppData\Local\Programs\Opera beta\115.0.5322.36\opera_crashreporter.exe
24 C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
1 C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
1 C:\Users\lenha\OneDrive\Plocha\HiJackThis\HiJackThis.exe
1 C:\Windows\SysWOW64\HsMgr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
1 C:\Windows\System32\OpenSSH\sshd.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\cmd.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E_YATIR4E.EXE
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\System\HsMgr64.exe
1 C:\Windows\explorer.exe
1 D:\Program Files\Microvirt\MEmu\MemuService.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/sea ... utEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [URL] = http://www.google.com/search?q={searchTerms} - Google
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O2-32 - HKLM\..\BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O3-32 - HKLM\..\Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk -> C:\Program Files (x86)\Avast Software\SecureLine VPN\Vpn.exe /nogui
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L3050 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6D574DA12716EFB537B92F0EEBFCAF06] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B35CAAF2922F2B86A8380284712FD151] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Opera Next] = C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
O4 - HKCU\..\Run: [SandboxieControl] = C:\Program Files\Sandboxie\SbieCtrl.exe
O4 - HKCU\..\Run: [Zoner Media Server 19] = C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
O4 - HKCU\..\Run: [eM Client] = C:\Program Files (x86)\eM Client\MailClient.exe /startup
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --component-updater=url-source=https://go-updater.brave.com/extensions ... extensions --disable-domain-reliability --enable-distillability-service --enable-dom-distiller --lso-url=https://no-thanks.invalid --no-startup-window --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --prefetch:5 --sync-url=https://sync-v2.brave.com/v2 --variations-insecure-server-url=https://variations.brave.com/seed --variations-server-url=https://variations.brave.com/seed --restore-last-session --restart
O4 - HKCU\..\StartupApproved\Run: [DeepL] = C:\Users\lenha\AppData\Local\DeepL\app-2.7.11979\DeepL.exe --minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\lenha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE (2022/05/25)
O4 - HKCU\..\StartupApproved\Run: [GarminExpress] = C:\Program Files (x86)\Garmin\Express\express.exe /minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode (2024/09/25)
O4 - HKCU\..\StartupApproved\Run: [Kryptex] = C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Microsoft Edge Update] = C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateCore.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Weto Bulletin] = C:\Weto\Liberta\Program\Weto_Bulletin.exe /c (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.autoupdate] = C:\Users\lenha\AppData\Roaming\Seznam.cz\szninstall.exe -c (2022/03/04)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.szndesktop] = C:\Users\lenha\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q (2022/03/04)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Cmaudio8788GX64] = C:\WINDOWS\system\HsMgr64.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788GX] = C:\WINDOWS\syswow64\HsMgr.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788] = C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
O4 - HKLM\..\Run: [TuneupUI.exe] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PDFPrint] = C:\Program Files (x86)\PDF24\pdf24.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PMBVolumeWatcher] = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun (2022/12/18)
O4 - HKLM\..\StartupApproved\Run32: [SPUpDateServerrun] = C:\Program Files (x86)\hik\update_server\startUp.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [WDDiscovery] = C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe --autolaunch (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [seznam-listicka-distribuce] = C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [EPPCCMON] = C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (2024/10/07)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Khadas Tone Control Panel Autostart.lnk -> C:\Program Files\Khadas\Tone Driver\W10_x64\KhadasUsbAudioCpl.exe -hide (2022/05/25)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Thesycon\TUSBAudio Driver EVAL\W10_x64\TUSBAudioCpl.exe -hide (2024/10/07)
O4 - HKU\.DEFAULT\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-19\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O17 - DHCP DNS 1: 192.168.163.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay01: WDDesktopIconOverlay_Syncing - {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay02: WDDesktopIconOverlay_SyncFailed - {0176BDDE-B59A-4A1E-808B-CAD461415CCA} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay03: WDDesktopIconOverlay_SyncedAndShared - {B65909D1-57AF-41F5-AB94-BEB733F62B35} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay04: WDDesktopIconOverlay_Synced - {C6C2397D-8238-4332-8935-86C39C7C165F} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay05: WDDesktopIconOverlay_PrivateShare - {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay06: WDDesktopIconOverlay_PublicShare - {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 01UnsuppModule: UnsuppModule Class - {AEB16659-2125-4ADA-A4AB-45EE21E86469} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 02SyncingModule: SyncingModule Class - {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 03SyncedModule: SyncedModule Class - {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 04ReadOnlyModule: ReadOnlyModule Class - {A433C3E0-8B24-40EB-93C3-4B10D9959F58} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 05NoPermModule: NoPermModule Class - {C701AD67-3DF0-47C9-89CB-DFA6207BE229} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\x86\ashShell.dll
O21-32 - HKLM\..\ShellServiceObjectDelayLoad: Virtual Storage Mount Notification [WDFSMountNotificator-wdfsconnect2017] = {2AB64452-BF56-46EB-AB36-C0BCBD63DE90} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
O22 - Task (.job): (Not scheduled) EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task (.job): DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\WINDOWS\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Task: (disabled) ATuning - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\ATuning.exe
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: (disabled) AsrAPPShop - C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) Christmas Task (One-Time) - C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\xmas.exe /xr (file missing)
O22 - Task: (disabled) DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: (disabled) DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Task: (disabled) KryptexElevation - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe
O22 - Task: (disabled) KryptexElevationFromStartup - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup
O22 - Task: (disabled) SoftwareInformerService - C:\Program Files\Software Informer\softinfo.exe -service
O22 - Task: (disabled) StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: (disabled) StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: (disabled) Tweaking.com - Windows Repair Tray Icon - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
O22 - Task: (disabled) Uninstaller_SkipUac_lenha - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
O22 - Task: (disabled) WD Device Agent Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
O22 - Task: (disabled) WD Discovery Service Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-4160050988-2886862043-3056562062-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (disabled) iTop Halloween Task (One-Time) - C:\Program Files\iTop Screen Recorder\Pub\itophalwp23.exe /halw (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=KBRG --productVersion=9.1 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall
O22 - Task: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Task: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Task: AvastBrowserProtectS-1-5-21-4160050988-2886862043-3056562062-1001 - C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe --runonce
O22 - Task: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Task: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Task: EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001Core - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001UA - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: Opera scheduled Autoupdate 1613514748 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1625161053 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1691443487 - C:\Users\lenha\AppData\Local\Programs\Opera beta\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1579852411 - C:\Program Files\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1613514752 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1625161061 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Zoner.Updater.S-1-5-21-4160050988-2886862043-3056562062-1001 - C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe --silent true
O22 - Task: \Avast Software\Avast Cleanup BugReport - C:\Program Files\Avast Software\Cleanup\AvBugReport.exe --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid bdb3cda0-e315-4a8d-aaaa-0656510e1ec8
O22 - Task: \Avast Software\Avast Cleanup Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe /update:avast-tu /silent
O22 - Task: \Avast Software\Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Bug Report - C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 3d202049-042e-47e2-8d7c-8c46606067eb
O22 - Task: \Avast Software\Avast SecureLine VPN Emergency Update - C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe /update:avast-vpn /silent
O22 - Task: \Avast Software\AvastAntiTrackPremiumStart - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe -minimizedBoot
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{53187A67-62C0-4A8E-AFEA-93DADFD39509} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\WINDOWS\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Avast AntiTrack Service - (AvastAntiTrackSvc) - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Cleanup - (CleanupPSvc) - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service R2: Avast Firewall Service - (avast! Firewall) - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service R2: Avast SecureLine VPN - (SecureLine) - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Updater Service - (AviraUpdaterService) - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MEmuSVC - D:\Program Files\Microvirt\MEmu\MemuService.exe
O23 - Service R2: Private Internet Access Service - (PrivateInternetAccessService) - C:\Program Files\Private Internet Access\pia-service.exe
O23 - Service R2: Sandboxie Service - (SbieSvc) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service S2: Aktualizační služba Google (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update
O23 - Service S2: Interní aktualizační služba Google (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S2: Služba Aktualizace Brave (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Služba Avast Browser Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - (AvastSecureBrowserElevationService) - C:\Program Files\AVAST Software\Browser\Application\129.0.26740.101\elevation_service.exe
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\130.1.71.121\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.92\elevation_service.exe
O23 - Service S3: LibreOffice Maintenance Service - (LibreOfficeMaintenance) - C:\Program Files\LibreOffice\program\update_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Private Internet Access WireGuard Tunnel - (PrivateInternetAccessWireguard) - C:\Program Files\Private Internet Access\pia-wgservice.exe "C:\Program Files\Private Internet Access\data\wgpia0.conf"
O23 - Service S3: Služba Aktualizace Brave (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Služba Avast Browser Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 8,2 sec. - 82126 bytes, CRC32: FFFFFFFF. Sign: 嫧ᖈ
-
Rudy
- Site Admin
- Příspěvky: 119314
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
2radek64 :
Toto je co? Pokud chcete něco řešit, Založte si vlasní topic (nevstupujte do cizího) a dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 se stručným popisem problému.radek64 píše: 03 lis 2024 19:49 Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Pro), 10.0.19045.5073 (ReleaseId: 2009), Service Pack: 0
Time: 03.11.2024 - 19:43 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: lenha (group: Administrator) on PRACOVNA-PC, FirstRun: yes
Chrome: 130.0.6723.92
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (Avast Secure Browser)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
3 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
1 C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
1 C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
1 C:\Program Files (x86)\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
1 C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
2 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
2 C:\Program Files (x86)\eM Client\MailClient.exe
1 C:\Program Files\Avast Software\Avast\AvastNM.exe
1 C:\Program Files\Avast Software\Avast\AvastSvc.exe
4 C:\Program Files\Avast Software\Avast\AvastUI.exe
1 C:\Program Files\Avast Software\Avast\afwServ.exe
1 C:\Program Files\Avast Software\Avast\aswEngSrv.exe
1 C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
1 C:\Program Files\Avast Software\Avast\aswidsagent.exe
1 C:\Program Files\Avast Software\Avast\wsc_proxy.exe
35 C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe
1 C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
3 C:\Program Files\Avast Software\Cleanup\TuneupUI.exe
3 C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnNM.exe
1 C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
7 C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
1 C:\Program Files\Private Internet Access\pia-service.exe
1 C:\Program Files\Sandboxie\SbieCtrl.exe
1 C:\Program Files\Sandboxie\SbieSvc.exe
1 C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
1 C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
1 C:\Users\lenha\AppData\Local\Programs\Opera beta\115.0.5322.36\opera_crashreporter.exe
24 C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
1 C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
1 C:\Users\lenha\OneDrive\Plocha\HiJackThis\HiJackThis.exe
1 C:\Windows\SysWOW64\HsMgr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
1 C:\Windows\System32\OpenSSH\sshd.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\cmd.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E_YATIR4E.EXE
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\System\HsMgr64.exe
1 C:\Windows\explorer.exe
1 D:\Program Files\Microvirt\MEmu\MemuService.exe
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [SuggestionsURL,SuggestionsURLFallback] = http://clients5.google.com/complete/sea ... utEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: [URL] = http://www.google.com/search?q={searchTerms} - Google
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O2-32 - HKLM\..\BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\130.0.2849.68\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: Virtual Storage Mount Notification - {2AB64452-BF56-46EB-AB36-C0BCBD63DE90}' - (no file)
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (file missing)
O3-32 - HKLM\..\Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk -> C:\Program Files (x86)\Avast Software\SecureLine VPN\Vpn.exe /nogui
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE /EPT "EPLTarget\P0000000000000001" /M "L3050 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6D574DA12716EFB537B92F0EEBFCAF06] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B35CAAF2922F2B86A8380284712FD151] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Opera Next] = C:\Users\lenha\AppData\Local\Programs\Opera beta\opera.exe
O4 - HKCU\..\Run: [SandboxieControl] = C:\Program Files\Sandboxie\SbieCtrl.exe
O4 - HKCU\..\Run: [Zoner Media Server 19] = C:\Users\lenha\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\MediaServer.exe
O4 - HKCU\..\Run: [eM Client] = C:\Program Files (x86)\eM Client\MailClient.exe /startup
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe --component-updater=url-source=https://go-updater.brave.com/extensions ... extensions --disable-domain-reliability --enable-distillability-service --enable-dom-distiller --lso-url=https://no-thanks.invalid --no-startup-window --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --prefetch:5 --sync-url=https://sync-v2.brave.com/v2 --variations-insecure-server-url=https://variations.brave.com/seed --variations-server-url=https://variations.brave.com/seed --restore-last-session --restart
O4 - HKCU\..\StartupApproved\Run: [DeepL] = C:\Users\lenha\AppData\Local\DeepL\app-2.7.11979\DeepL.exe --minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\lenha\AppData\Local\Discord\Update.exe --processStart Discord.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [EPSDNMON] = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE (2022/05/25)
O4 - HKCU\..\StartupApproved\Run: [GarminExpress] = C:\Program Files (x86)\Garmin\Express\express.exe /minimized (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode (2024/09/25)
O4 - HKCU\..\StartupApproved\Run: [Kryptex] = C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Microsoft Edge Update] = C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateCore.exe (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [Weto Bulletin] = C:\Weto\Liberta\Program\Weto_Bulletin.exe /c (2024/10/07)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.autoupdate] = C:\Users\lenha\AppData\Roaming\Seznam.cz\szninstall.exe -c (2022/03/04)
O4 - HKCU\..\StartupApproved\Run: [cz.seznam.software.szndesktop] = C:\Users\lenha\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q (2022/03/04)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Cmaudio8788GX64] = C:\WINDOWS\system\HsMgr64.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788GX] = C:\WINDOWS\syswow64\HsMgr.exe Envoke
O4 - HKLM\..\Run: [Cmaudio8788] = C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
O4 - HKLM\..\Run: [TuneupUI.exe] = C:\Program Files\Avast Software\Cleanup\TuneupUI.exe /nogui
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PDFPrint] = C:\Program Files (x86)\PDF24\pdf24.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [PMBVolumeWatcher] = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun (2022/12/18)
O4 - HKLM\..\StartupApproved\Run32: [SPUpDateServerrun] = C:\Program Files (x86)\hik\update_server\startUp.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [WDDiscovery] = C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe --autolaunch (2024/10/07)
O4 - HKLM\..\StartupApproved\Run32: [seznam-listicka-distribuce] = C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (2024/10/07)
O4 - HKLM\..\StartupApproved\Run: [EPPCCMON] = C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (2024/10/07)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Khadas Tone Control Panel Autostart.lnk -> C:\Program Files\Khadas\Tone Driver\W10_x64\KhadasUsbAudioCpl.exe -hide (2022/05/25)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Thesycon\TUSBAudio Driver EVAL\W10_x64\TUSBAudioCpl.exe -hide (2024/10/07)
O4 - HKU\.DEFAULT\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-19\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\99.0.0.0\GoogleDriveFS.exe --startup_mode
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\StartupApproved\Run: [OneDriveSetup] = C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (2024/10/07)
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O17 - DHCP DNS 1: 192.168.163.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\drivefsext.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay01: WDDesktopIconOverlay_Syncing - {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay02: WDDesktopIconOverlay_SyncFailed - {0176BDDE-B59A-4A1E-808B-CAD461415CCA} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay03: WDDesktopIconOverlay_SyncedAndShared - {B65909D1-57AF-41F5-AB94-BEB733F62B35} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay04: WDDesktopIconOverlay_Synced - {C6C2397D-8238-4332-8935-86C39C7C165F} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay05: WDDesktopIconOverlay_PrivateShare - {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ WDDesktopIconOverlay06: WDDesktopIconOverlay_PublicShare - {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} - C:\WINDOWS\system32\mscoree.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 01UnsuppModule: UnsuppModule Class - {AEB16659-2125-4ADA-A4AB-45EE21E86469} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 02SyncingModule: SyncingModule Class - {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 03SyncedModule: SyncedModule Class - {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 04ReadOnlyModule: ReadOnlyModule Class - {A433C3E0-8B24-40EB-93C3-4B10D9959F58} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 05NoPermModule: NoPermModule Class - {C701AD67-3DF0-47C9-89CB-DFA6207BE229} - C:\Users\lenha\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.76.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler: GoogleDriveCloudOverlayIconHandler - {A8E52322-8734-481D-A7E2-27B309EF8D56} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveMirrorBlacklistedOverlayIconHandler: GoogleDriveMirrorBlacklistedOverlayIconHandler - {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler: GoogleDrivePinnedOverlayIconHandler - {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler: GoogleDriveProgressOverlayIconHandler - {C973DA94-CBDF-4E77-81D1-E5B794FBD146} - C:\Program Files\Google\Drive File Stream\99.0.0.0\x86\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.76.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\x86\ashShell.dll
O21-32 - HKLM\..\ShellServiceObjectDelayLoad: Virtual Storage Mount Notification [WDFSMountNotificator-wdfsconnect2017] = {2AB64452-BF56-46EB-AB36-C0BCBD63DE90} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
O22 - Task (.job): (Not scheduled) EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task (.job): DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\WINDOWS\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) AMDAutoUpdate - C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
O22 - Task: (disabled) ATuning - C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\ATuning.exe
O22 - Task: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: (disabled) AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: (disabled) AsrAPPShop - C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) Christmas Task (One-Time) - C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\xmas.exe /xr (file missing)
O22 - Task: (disabled) DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: (disabled) DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Task: (disabled) KryptexElevation - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe
O22 - Task: (disabled) KryptexElevationFromStartup - C:\Users\lenha\AppData\Local\Programs\kryptex-app\Kryptex.exe --from-startup
O22 - Task: (disabled) SoftwareInformerService - C:\Program Files\Software Informer\softinfo.exe -service
O22 - Task: (disabled) StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: (disabled) StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Task: (disabled) Tweaking.com - Windows Repair Tray Icon - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
O22 - Task: (disabled) Uninstaller_SkipUac_lenha - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
O22 - Task: (disabled) WD Device Agent Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
O22 - Task: (disabled) WD Discovery Service Task lenha - C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-4160050988-2886862043-3056562062-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (disabled) iTop Halloween Task (One-Time) - C:\Program Files\iTop Screen Recorder\Pub\itophalwp23.exe /halw (file missing)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=KBRG --productVersion=9.1 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall
O22 - Task: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Task: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Task: AvastBrowserProtectS-1-5-21-4160050988-2886862043-3056562062-1001 - C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtect.exe --runonce
O22 - Task: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Task: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Task: EPSON L3050 Series Update {28431FB6-C211-4263-A211-5F9905F0A5EA} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE /EXE:"{28431FB6-C211-4263-A211-5F9905F0A5EA}" /F:"Update"
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001Core - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: MicrosoftEdgeUpdateTaskUserS-1-5-21-4160050988-2886862043-3056562062-1001UA - C:\Users\lenha\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: Opera scheduled Autoupdate 1613514748 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1625161053 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Task: Opera scheduled Autoupdate 1691443487 - C:\Users\lenha\AppData\Local\Programs\Opera beta\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0)
O22 - Task: Opera scheduled assistant Autoupdate 1579852411 - C:\Program Files\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1613514752 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Opera scheduled assistant Autoupdate 1625161061 - C:\Users\TEMP\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TEMP\AppData\Local\Programs\Opera\assistant" $(Arg0) (file missing)
O22 - Task: Zoner.Updater.S-1-5-21-4160050988-2886862043-3056562062-1001 - C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe --silent true
O22 - Task: \Avast Software\Avast Cleanup BugReport - C:\Program Files\Avast Software\Cleanup\AvBugReport.exe --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid bdb3cda0-e315-4a8d-aaaa-0656510e1ec8
O22 - Task: \Avast Software\Avast Cleanup Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe /update:avast-tu /silent
O22 - Task: \Avast Software\Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Bug Report - C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 3d202049-042e-47e2-8d7c-8c46606067eb
O22 - Task: \Avast Software\Avast SecureLine VPN Emergency Update - C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe
O22 - Task: \Avast Software\Avast SecureLine VPN Update - C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe /update:avast-vpn /silent
O22 - Task: \Avast Software\AvastAntiTrackPremiumStart - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe -minimizedBoot
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{53187A67-62C0-4A8E-AFEA-93DADFD39509} - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --wake --system
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\WINDOWS\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler - C:\Program Files\RUXIM\PLUGscheduler.exe (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0407412.inf_amd64_101d3d4e34955a9f\B407018\atiesrxx.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Avast AntiTrack Service - (AvastAntiTrackSvc) - C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Cleanup - (CleanupPSvc) - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service R2: Avast Firewall Service - (avast! Firewall) - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service R2: Avast SecureLine VPN - (SecureLine) - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Updater Service - (AviraUpdaterService) - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MEmuSVC - D:\Program Files\Microvirt\MEmu\MemuService.exe
O23 - Service R2: Private Internet Access Service - (PrivateInternetAccessService) - C:\Program Files\Private Internet Access\pia-service.exe
O23 - Service R2: Sandboxie Service - (SbieSvc) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service S2: Aktualizační služba Google (GoogleUpdaterService131.0.6776.0) - (GoogleUpdaterService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update
O23 - Service S2: Interní aktualizační služba Google (GoogleUpdaterInternalService131.0.6776.0) - (GoogleUpdaterInternalService131.0.6776.0) - C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S2: Služba Aktualizace Brave (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Služba Avast Browser Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Služba Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - (AvastSecureBrowserElevationService) - C:\Program Files\AVAST Software\Browser\Application\129.0.26740.101\elevation_service.exe
O23 - Service S3: Brave Elevation Service (BraveElevationService) - (BraveElevationService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\130.1.71.121\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\130.0.6723.92\elevation_service.exe
O23 - Service S3: LibreOffice Maintenance Service - (LibreOfficeMaintenance) - C:\Program Files\LibreOffice\program\update_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Private Internet Access WireGuard Tunnel - (PrivateInternetAccessWireguard) - C:\Program Files\Private Internet Access\pia-wgservice.exe "C:\Program Files\Private Internet Access\data\wgpia0.conf"
O23 - Service S3: Služba Aktualizace Brave (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Služba Avast Browser Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Služba Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 8,2 sec. - 82126 bytes, CRC32: FFFFFFFF. Sign: 嫧ᖈ
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?