Často zpomalený notebook
Napsal: 17 bře 2019 14:13
Notebook, který není hardwarově nejpomalejší (i3 / 8GB RAM / SSD), se docela často zadrhává (CPU je na 100 %).
Potřebuji zároveň využívat Office a internet (FF + Chrome). Mívám otevřeno kolem 30 - 50 panelů.
Při psaní ve Wordu dochází ve vypjatých situacích k zpožděnému zápisu, webové stránky se otvírají s extrémním zpožděním (několik minut).
To vše se děje často, ale ne trvale.
Chtěl bych vědět, zda jsem jenom příliš náročný a chci po něm moc věcí najednou, nebo je někde něco špatně. Neběží např. v pozadí těžba kryptoměny?
Děkuji
P.S.: Před pár měsíci jsem řešil stejný problém zde:
https://forum.viry.cz/viewtopic.php?f=13&t=154920
----------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by fbart (administrator) on DESKTOP-1NAN9QR (17-03-2019 13:01:46)
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Czech (Czech Republic)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Windows\CxSvc\CxAudioSvc.exe
(Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\HPHotkeyNotification.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC -> Synaptics Incorporated) C:\Windows\System32\SynaMonApp.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxEM.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Foxit Software Incorporated -> Foxit Corporation) C:\Users\fbart\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SA3\HP-NB-AIO\CnxtNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1598144 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-12-16] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [500152 2015-12-16] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [O2CZ] => C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [4050632 2009-11-30] (TELEFONICA INVESTIGACION Y DESARROLLO, S.A -> Telefónica I+D) [File not signed]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4251336 2018-10-10] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Uninstall 19.002.0107.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Uninstall 19.002.0107.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\19.002.0107.0008"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [305152 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [102400 2000-06-02] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\Installer\chrmstp.exe [2019-03-13] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2018-06-26]
ShortcutTarget: Avid Application Manager.lnk -> C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2018-10-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea s.r.o. -> Lingea) [File not signed]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7191fe23-5f29-4c83-8116-0cf877ca686d}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{8a386b75-748c-4b9a-b485-10037ff1581d}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{ffa86dba-3d82-4856-9162-fbb0cf3ea26b}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: 5idlmvdg.default
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default [2019-03-17]
FF Session Restore: Mozilla\Firefox\Profiles\5idlmvdg.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\sp@avast.com.xpi [2018-04-09] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\wrc@avast.com.xpi [2019-01-29]
FF Extension: (Docs Online Viewer) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-03-03]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.) [File not signed]
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\fbart\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-08-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://www.helpforenglish.cz/search/?q=nep%C5% ... %99e%C4%8D
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2019-03-17]
CHR Extension: (Slides) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-31]
CHR Extension: (YouTube) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Sheets) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Avast Online Security) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-13]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2016-12-26]
Opera:
=======
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10736912 2019-02-11] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [43632 2018-03-13] (Conexant Systems LLC -> Conexant Systems, Inc)
R4 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [149104 2018-01-02] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [29544 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe [674208 2018-10-29] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [File not signed]
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [204888 2017-11-21] (Intel(R) Smart Sound Technology -> Intel)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044680 2018-10-10] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe [583584 2018-10-29] (HP Inc. -> HP Inc.)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263720 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [90976 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17944 2018-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [832032 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2275280 2018-04-12] (Conexant Systems LLC -> Conexant Systems Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\system32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [49184 2018-10-20] (HP Inc. -> HP Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134400 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_41597edff49ff122\nvlddmkm.sys [15764008 2018-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-06-20] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-05-20] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-18] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46120 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-17 13:01 - 2019-03-17 13:01 - 000000000 ____D C:\Users\fbart\Desktop\FRST-OlderVersion
2019-03-15 10:27 - 2019-03-15 10:27 - 000000000 ____D C:\WINDOWS\LastGood
2019-03-13 08:56 - 2019-03-13 08:56 - 000000000 ____D C:\Users\fbart\AppData\Roaming\PDF Producer
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-17 13:04 - 2018-10-22 16:46 - 000040757 _____ C:\Users\fbart\Desktop\FRST.txt
2019-03-17 13:01 - 2018-10-22 16:48 - 002434048 _____ (Farbar) C:\Users\fbart\Desktop\FRST64.exe
2019-03-17 13:01 - 2017-12-01 22:30 - 000000000 ____D C:\FRST
2019-03-17 13:00 - 2017-01-09 21:48 - 000007606 _____ C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
2019-03-17 13:00 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2019-03-17 13:00 - 2016-12-27 22:22 - 000000000 ____D C:\Users\fbart\AppData\Local\ElevatedDiagnostics
2019-03-17 12:59 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-17 12:59 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2019-03-17 11:15 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-15 16:47 - 2018-05-28 17:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-15 15:38 - 2018-08-14 18:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2019-03-15 10:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-03-15 10:27 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 10:27 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2019-03-15 09:31 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-15 09:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-14 13:49 - 2018-12-19 14:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-14 13:49 - 2018-12-19 14:33 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-14 13:49 - 2018-11-15 11:53 - 000002802 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForfbart
2019-03-14 13:49 - 2018-11-15 11:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job
2019-03-14 13:49 - 2018-09-06 15:28 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-14 13:49 - 2018-05-28 17:14 - 000003584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-14 13:49 - 2018-05-28 17:14 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487236436
2019-03-14 13:49 - 2018-05-28 17:14 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPGenoobeReminder
2019-03-14 13:49 - 2018-05-28 17:14 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002
2019-03-14 13:49 - 2018-05-28 17:14 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2019-03-14 13:49 - 2018-05-28 17:14 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2019-03-14 13:49 - 2018-05-28 17:14 - 000002252 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
2019-03-14 13:49 - 2018-05-28 17:14 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-14 13:49 - 2018-05-28 17:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-14 08:58 - 2018-05-28 17:14 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-13 16:42 - 2016-12-31 22:30 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-13 16:42 - 2016-12-31 22:30 - 000002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-13 12:54 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 12:24 - 2016-12-22 19:42 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-11 14:05 - 2018-05-28 17:06 - 000002420 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-11 14:05 - 2016-12-20 22:37 - 000000000 ___RD C:\Users\fbart\OneDrive
2019-03-11 14:02 - 2018-04-16 16:25 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-11 14:02 - 2018-04-16 16:25 - 000002430 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-03-11 13:56 - 2018-03-09 10:33 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-08 11:37 - 2018-05-28 17:06 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-08 11:37 - 2018-04-12 16:50 - 000784238 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-08 11:37 - 2018-04-12 16:50 - 000181610 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-07 08:48 - 2016-04-02 03:17 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-07 08:47 - 2016-10-29 23:39 - 000000000 ____D C:\ProgramData\Intel
2019-03-07 08:46 - 2017-11-07 11:55 - 000000000 ____D C:\SWSetup
2019-03-07 08:46 - 2016-10-29 23:26 - 000000000 ____D C:\ProgramData\HP
2019-03-03 22:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-03 20:36 - 2018-10-12 09:50 - 000000000 ___RD C:\Users\fbart\Google Drive
2019-03-03 20:36 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2019-03-03 20:36 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-03 20:36 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-03 20:36 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-03 20:35 - 2018-05-28 17:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-03 20:35 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-03 20:35 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2019-03-03 20:34 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-03 20:34 - 2016-12-26 16:39 - 000000000 ____D C:\Program Files\WinRAR
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-01 19:16 - 2016-12-26 16:39 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 19:16 - 2016-12-26 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 11:56 - 2018-02-15 10:00 - 000000000 ____D C:\Program Files\rempl
2019-02-28 18:26 - 2017-11-28 10:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2019-02-28 16:15 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2019-02-28 16:14 - 2017-06-28 13:38 - 000001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2019-02-19 09:53 - 2018-05-28 17:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2019-02-18 21:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-18 21:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-18 21:41 - 2016-12-20 23:40 - 000000000 ____D C:\Users\fbart\AppData\Local\Adobe
2019-02-18 20:40 - 2018-05-28 17:00 - 000474160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-18 20:39 - 2016-12-20 22:45 - 000000000 ____D C:\Program Files\CCleaner
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-15 14:02 - 2018-03-09 10:33 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
==================== Files in the root of some directories =======
2018-06-26 21:25 - 2018-06-26 21:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-01-09 21:48 - 2019-03-17 13:00 - 000007606 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-28 17:00
==================== End of FRST.txt ============================
Potřebuji zároveň využívat Office a internet (FF + Chrome). Mívám otevřeno kolem 30 - 50 panelů.
Při psaní ve Wordu dochází ve vypjatých situacích k zpožděnému zápisu, webové stránky se otvírají s extrémním zpožděním (několik minut).
To vše se děje často, ale ne trvale.
Chtěl bych vědět, zda jsem jenom příliš náročný a chci po něm moc věcí najednou, nebo je někde něco špatně. Neběží např. v pozadí těžba kryptoměny?
Děkuji
P.S.: Před pár měsíci jsem řešil stejný problém zde:
https://forum.viry.cz/viewtopic.php?f=13&t=154920
----------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by fbart (administrator) on DESKTOP-1NAN9QR (17-03-2019 13:01:46)
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Czech (Czech Republic)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Windows\CxSvc\CxAudioSvc.exe
(Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\HPHotkeyNotification.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC -> Synaptics Incorporated) C:\Windows\System32\SynaMonApp.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxEM.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Foxit Software Incorporated -> Foxit Corporation) C:\Users\fbart\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SA3\HP-NB-AIO\CnxtNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1598144 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-12-16] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [500152 2015-12-16] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [O2CZ] => C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [4050632 2009-11-30] (TELEFONICA INVESTIGACION Y DESARROLLO, S.A -> Telefónica I+D) [File not signed]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4251336 2018-10-10] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Uninstall 19.002.0107.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\19.002.0107.0008\amd64"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [Uninstall 19.002.0107.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\19.002.0107.0008"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [305152 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [102400 2000-06-02] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\Installer\chrmstp.exe [2019-03-13] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2018-06-26]
ShortcutTarget: Avid Application Manager.lnk -> C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2018-10-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea s.r.o. -> Lingea) [File not signed]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7191fe23-5f29-4c83-8116-0cf877ca686d}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{8a386b75-748c-4b9a-b485-10037ff1581d}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{ffa86dba-3d82-4856-9162-fbb0cf3ea26b}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (Hewlett-Packard Company -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
FireFox:
========
FF DefaultProfile: 5idlmvdg.default
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default [2019-03-17]
FF Session Restore: Mozilla\Firefox\Profiles\5idlmvdg.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\sp@avast.com.xpi [2018-04-09] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\wrc@avast.com.xpi [2019-01-29]
FF Extension: (Docs Online Viewer) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-03-03]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.) [File not signed]
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\fbart\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-08-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://www.helpforenglish.cz/search/?q=nep%C5% ... %99e%C4%8D
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2019-03-17]
CHR Extension: (Slides) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-31]
CHR Extension: (YouTube) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-18]
CHR Extension: (Sheets) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Avast Online Security) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-13]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2016-12-26]
Opera:
=======
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10736912 2019-02-11] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [43632 2018-03-13] (Conexant Systems LLC -> Conexant Systems, Inc)
R4 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [149104 2018-01-02] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [29544 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe [674208 2018-10-29] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [File not signed]
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [204888 2017-11-21] (Intel(R) Smart Sound Technology -> Intel)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044680 2018-10-10] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe [583584 2018-10-29] (HP Inc. -> HP Inc.)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263720 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [90976 2018-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17944 2018-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [832032 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2275280 2018-04-12] (Conexant Systems LLC -> Conexant Systems Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\system32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [49184 2018-10-20] (HP Inc. -> HP Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-10] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134400 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_41597edff49ff122\nvlddmkm.sys [15764008 2018-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-06-20] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-05-20] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-18] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46120 2018-06-26] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-15] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-17 13:01 - 2019-03-17 13:01 - 000000000 ____D C:\Users\fbart\Desktop\FRST-OlderVersion
2019-03-15 10:27 - 2019-03-15 10:27 - 000000000 ____D C:\WINDOWS\LastGood
2019-03-13 08:56 - 2019-03-13 08:56 - 000000000 ____D C:\Users\fbart\AppData\Roaming\PDF Producer
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-17 13:04 - 2018-10-22 16:46 - 000040757 _____ C:\Users\fbart\Desktop\FRST.txt
2019-03-17 13:01 - 2018-10-22 16:48 - 002434048 _____ (Farbar) C:\Users\fbart\Desktop\FRST64.exe
2019-03-17 13:01 - 2017-12-01 22:30 - 000000000 ____D C:\FRST
2019-03-17 13:00 - 2017-01-09 21:48 - 000007606 _____ C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
2019-03-17 13:00 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2019-03-17 13:00 - 2016-12-27 22:22 - 000000000 ____D C:\Users\fbart\AppData\Local\ElevatedDiagnostics
2019-03-17 12:59 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-17 12:59 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2019-03-17 11:15 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-15 16:47 - 2018-05-28 17:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-15 15:38 - 2018-08-14 18:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2019-03-15 10:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-03-15 10:27 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-15 10:27 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2019-03-15 09:31 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-15 09:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-14 13:49 - 2018-12-19 14:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-14 13:49 - 2018-12-19 14:33 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-14 13:49 - 2018-11-15 11:53 - 000002802 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForfbart
2019-03-14 13:49 - 2018-11-15 11:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job
2019-03-14 13:49 - 2018-09-06 15:28 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-14 13:49 - 2018-05-28 17:14 - 000003584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-14 13:49 - 2018-05-28 17:14 - 000003306 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487236436
2019-03-14 13:49 - 2018-05-28 17:14 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPGenoobeReminder
2019-03-14 13:49 - 2018-05-28 17:14 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002
2019-03-14 13:49 - 2018-05-28 17:14 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2019-03-14 13:49 - 2018-05-28 17:14 - 000002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2019-03-14 13:49 - 2018-05-28 17:14 - 000002252 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
2019-03-14 13:49 - 2018-05-28 17:14 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-14 13:49 - 2018-05-28 17:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-14 08:58 - 2018-05-28 17:14 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-13 16:42 - 2016-12-31 22:30 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-13 16:42 - 2016-12-31 22:30 - 000002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-13 12:54 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 12:24 - 2016-12-22 19:42 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-11 14:05 - 2018-05-28 17:06 - 000002420 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-11 14:05 - 2016-12-20 22:37 - 000000000 ___RD C:\Users\fbart\OneDrive
2019-03-11 14:02 - 2018-04-16 16:25 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-11 14:02 - 2018-04-16 16:25 - 000002430 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-03-11 13:56 - 2018-03-09 10:33 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-08 11:37 - 2018-05-28 17:06 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-08 11:37 - 2018-04-12 16:50 - 000784238 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-08 11:37 - 2018-04-12 16:50 - 000181610 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-07 08:48 - 2016-04-02 03:17 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-07 08:47 - 2016-10-29 23:39 - 000000000 ____D C:\ProgramData\Intel
2019-03-07 08:46 - 2017-11-07 11:55 - 000000000 ____D C:\SWSetup
2019-03-07 08:46 - 2016-10-29 23:26 - 000000000 ____D C:\ProgramData\HP
2019-03-03 22:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-03 20:36 - 2018-10-12 09:50 - 000000000 ___RD C:\Users\fbart\Google Drive
2019-03-03 20:36 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2019-03-03 20:36 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-03 20:36 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-03 20:36 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-03 20:35 - 2018-05-28 17:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-03 20:35 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-03 20:35 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2019-03-03 20:34 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-03 20:34 - 2016-12-26 16:39 - 000000000 ____D C:\Program Files\WinRAR
2019-03-03 17:54 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2018-04-12 00:41 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-01 19:16 - 2016-12-26 16:39 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 19:16 - 2016-12-26 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 11:56 - 2018-02-15 10:00 - 000000000 ____D C:\Program Files\rempl
2019-02-28 18:26 - 2017-11-28 10:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2019-02-28 16:15 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2019-02-28 16:14 - 2017-06-28 13:38 - 000001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2019-02-19 09:53 - 2018-05-28 17:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2019-02-18 21:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-18 21:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-18 21:41 - 2016-12-20 23:40 - 000000000 ____D C:\Users\fbart\AppData\Local\Adobe
2019-02-18 20:40 - 2018-05-28 17:00 - 000474160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-18 20:39 - 2016-12-20 22:45 - 000000000 ____D C:\Program Files\CCleaner
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-18 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-15 14:02 - 2018-03-09 10:33 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
==================== Files in the root of some directories =======
2018-06-26 21:25 - 2018-06-26 21:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-01-09 21:48 - 2019-03-17 13:00 - 000007606 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-28 17:00
==================== End of FRST.txt ============================