Prosím o kontrolu logu - problikává přík. řádek
Napsal: 24 kvě 2021 17:37
Dobrý den,
už delší dobu pozoruji, že po spuštění systému mi vždy po nepravidelné době problikne CMD okno příkazového řádku, někdy i 2x za sebou. Je to tak rychlé, že nikdy nestihnu přečíst co je obsahem.
Posílám log z FRST.
Děkuji za prověření.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2021
Ran by HP-OMEN (administrator) on DESKTOP-2J4O5S5 (HP OMEN by HP Laptop) (24-05-2021 18:31:12)
Running from C:\Users\HP-OMEN\Desktop
Loaded Profiles: HP-OMEN
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: Brave
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <27>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\Messenger.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\HP-OMEN\AppData\Local\slack\app-4.16.1\slack.exe <6>
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [118496 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\HP-OMEN\AppData\Local\slack\slack.exe [308368 2021-05-19] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKLM\...\Print\Monitors\36C-0iSeriesPCL Language Monitor: C:\Windows\system32\KOAXJJAL.dll [25504 2020-11-05] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\Installer\chrmstp.exe [2021-05-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.24.86\Installer\chrmstp.exe [2021-05-21] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01C8EAA0-5E79-414E-9858-B20A55357309} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {03A12084-5279-4064-982A-AE4CB5C5DC43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06C2623D-340E-45E7-8A72-43EBED021E0C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0E130614-5525-47D1-AF88-B6CCDBABEECB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DDC7373-93BF-4C38-9B14-6CE6715DEDA4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {1E007997-DE34-4637-8ADD-5B95CA1BEDE6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {20D600AF-FE52-443D-8CB6-EF1082B2A3E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {28F78EA0-2FF0-4175-BBC2-F7204E6C1307} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {2BDF9E3A-1042-4AE1-AC70-6FC0D93CA120} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {3A131304-A54A-4325-801C-1127FF8E39FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C345500-DF95-4DDD-8236-C86677CE0756} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {3DB790C1-3CCC-43B0-895D-D41BDDA31C93} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {474B424E-1CF0-4BA5-B01C-F6ED7D62EC36} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-05-04] (HP Inc. -> HP Inc.)
Task: {4DED6405-D2F8-4D3F-BED9-336F59B3AF8C} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2343376451-2767932507-3490548569-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5083D466-DECD-4905-9920-ACC55058D6DA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {5D86163E-34E4-4352-8E77-63C3EC56A836} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {62FC85F5-7199-46A8-AFA2-09242D7B0AEB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {655CA231-0CB6-47CC-B1B5-B6260D560951} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D83A2E2-6D3A-4BC0-BCBE-01B594C53982} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6F74AC7C-337D-4DBB-96D0-5927EA3E3EC6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {72804E1D-65F6-4F14-B8B7-B63564E94DF1} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {79F905D8-86EF-492C-B81A-3367E4DDA9EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {7EB463B7-73EE-46FB-B2BD-E271FADB9445} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B3FE3D8-BE08-42E1-9624-677D5BC4E09D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F0A85FA-389D-41D5-8FD7-2BEAD70A8939} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {8F443F0B-DA94-4B3C-A576-11DAB6E7CB95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F873379-B8A9-426A-A8DA-C44A9F9D0F99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90BB4BD5-BDBE-4BC5-ABF1-05C232E4F261} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {997B514F-31AE-4092-A968-B936C973E459} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4699872 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {A3789B3A-3C77-4DAB-9A06-F0ABE50654B7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {A4CFA836-EAB1-4EFE-8314-C1B3B5A579D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {AAC514B2-5837-4795-8A0D-475FEE752B75} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {ACCF43F4-E4BB-45ED-B0AB-E47648B82234} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3DEFBD4-6052-4A97-BE76-B959AADE7B36} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {B5E5B402-EC30-42DD-AB13-D0A97C579BFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B8E26EB7-6BEA-4303-9463-D0BE21EF6C53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {BB6DC990-2606-4337-AF7B-A2302C0FABD5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-11-10] (Adobe Inc. -> Adobe)
Task: {BC52D67D-746B-4D4B-97AD-3E5042F2C073} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C14DDE6B-B134-4132-8D0F-812CF2EE3753} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C15E0FC6-A931-496E-A483-BC70418896E4} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {C1D76223-9C13-4B77-B17E-03F29227FFAC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {C3DA362E-05FB-4E97-BFB7-3ACD4FB048A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {D0E1D757-97BA-4195-99FD-A689E6EAF386} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D575434C-92E9-428E-9177-289BD72FBEB7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D2A894-15F0-431E-8E56-D2227C21537B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {D9E54BA0-1493-431C-BF0C-50ABA672042B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC10FB39-5534-4DF1-B770-E8B479396D29} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {DF7C82C4-EE57-49DD-BA3E-2E0075691CC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {DFA7E8A5-FB75-49F1-9AD1-20F09DA319A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [352368 2021-03-26] (HP Inc. -> HP Inc.)
Task: {E48E16EF-E2F6-4AB6-825D-6E3DD6EBCD32} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E799D438-FE0F-4CA8-9685-7E74E0E211D3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {EF595914-B15A-4F7B-8747-FD4F96947CBB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {F2E4F27D-E497-49B3-80B3-E66028AFC2A8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F403D227-468D-4CE2-A526-0C55A38864C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F96B99A4-2ADE-4BD0-885A-B87094161103} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{42385fa3-dcb6-4586-9555-113afacea9ce}: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{9c025835-2d8a-400c-959c-288914851882}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{af4e668a-ae58-4841-b9d4-4b58dff92a9f}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\HP-OMEN\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-24]
Edge HomePage: Default -> hxxp://www.seznam.cz/
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-09] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-09] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default [2021-05-24]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.yandex.ru/? ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-10]
CHR Extension: (Just Black) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2020-04-15]
CHR Extension: (Docs) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-10]
CHR Extension: (Google Drive) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Adblock for Youtube™) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-12]
CHR Extension: (minerBlock) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2021-02-02]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (Sheets) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-10]
CHR Extension: (Save to Collect) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\flblmacldekcjcoockeoggionmhflecp [2021-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2019-08-10]
CHR Extension: (FormApps Extension) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2019-08-10]
CHR Extension: (HP Network Check Launcher) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2019-08-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-23]
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-17]
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
Brave:
=======
BRA Profile: C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-05-24]
BRA Notifications: Default -> hxxps://calendar.google.com
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-24]
BRA Extension: (Save to Collect) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flblmacldekcjcoockeoggionmhflecp [2021-03-10]
BRA Extension: (FormApps Extension) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-02-24]
BRA Extension: (HP Network Check Launcher) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-02-24]
BRA Extension: (MetaMask) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-05-22]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-24]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-05-24]
BRA Extension: (Brave NTP sponsored images) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-05-24]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-05]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-05-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-05-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7894040 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [606944 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [356064 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522936 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S3 CinemaCamera; C:\WINDOWS\System32\drivers\CinemaCamera.sys [27368 2021-04-22] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-25] (Martin Malik - REALiX -> REALiX(tm))
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2019-10-17] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-07-31] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-24 18:31 - 2021-05-24 18:31 - 000041623 _____ C:\Users\HP-OMEN\Desktop\FRST.txt
2021-05-24 18:26 - 2021-05-24 18:26 - 002299904 _____ (Farbar) C:\Users\HP-OMEN\Desktop\FRST64.exe
2021-05-24 11:58 - 2021-05-24 11:59 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-05-24 09:43 - 2021-05-24 09:43 - 004173473 _____ C:\Users\HP-OMEN\Desktop\SOD p. Dolezalova_podepsana.pdf
2021-05-22 12:40 - 2021-05-22 12:53 - 000000000 ____D C:\Users\HP-OMEN\Downloads\The Insider (1999) - 1080p
2021-05-21 19:52 - 2021-05-21 19:52 - 000000000 ____D C:\Users\HP-OMEN\Documents\Captura
2021-05-21 18:47 - 2021-05-21 18:47 - 000000000 ____D C:\Users\HP-OMEN\Documents\ScreenRecorder
2021-05-19 14:47 - 2021-05-19 14:47 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Blackmagic_Camera_Setup_Windows_7.3.1
2021-05-13 19:19 - 2021-05-13 19:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 19:19 - 2021-05-13 19:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 19:19 - 2021-05-13 19:19 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 19:19 - 2021-05-13 19:19 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 19:19 - 2021-05-13 19:19 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 19:19 - 2021-05-13 19:19 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 19:18 - 2021-05-13 19:18 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 19:18 - 2021-05-13 19:18 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 19:18 - 2021-05-13 19:18 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 19:18 - 2021-05-13 19:18 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 19:18 - 2021-05-13 19:18 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 19:18 - 2021-05-13 19:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 20:26 - 2021-05-12 21:27 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Pride and Glory (2008) [1080p]
2021-05-07 11:58 - 2021-05-07 11:58 - 000000000 ____D C:\Users\HP-OMEN\Desktop\coolvetica
2021-05-07 11:57 - 2021-05-07 11:57 - 000000000 ____D C:\Users\HP-OMEN\Desktop\sugo_pro_classic
2021-05-07 11:57 - 2021-05-07 11:57 - 000000000 ____D C:\Users\HP-OMEN\Desktop\gobold
2021-05-06 15:16 - 2021-05-06 15:53 - 000000000 ____D C:\Users\HP-OMEN\Desktop\Spark Arc
2021-05-05 15:48 - 2021-05-05 15:48 - 000111733 _____ C:\Users\HP-OMEN\Downloads\dokument-125558478.pdf
2021-05-05 09:35 - 2021-05-05 09:41 - 000000000 ____D C:\Users\HP-OMEN\Desktop\snezne_jamy_standa
2021-04-28 12:14 - 2021-04-28 12:14 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Blackmagic_RAW_Windows_1.7
2021-04-27 13:43 - 2021-04-27 13:43 - 000048040 _____ C:\Users\HP-OMEN\Desktop\82112235.pdf
2021-04-27 12:10 - 2021-04-27 12:10 - 000000000 ____D C:\Users\HP-OMEN\Desktop\StarStaX-0.71_win64
2021-04-27 06:19 - 2021-04-27 06:19 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-27 06:19 - 2021-04-27 06:19 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-26 10:38 - 2021-04-26 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-04-26 10:38 - 2021-04-26 10:38 - 000000000 ____D C:\Program Files\iTunes
2021-04-25 17:44 - 2021-04-25 17:44 - 000299475 _____ C:\Users\HP-OMEN\Downloads\REKONSTRUKCE-FRIMLOVKA.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-24 18:31 - 2020-01-06 23:56 - 000000000 ____D C:\FRST
2021-05-24 18:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-24 18:28 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\Slack
2021-05-24 18:20 - 2020-08-28 12:40 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-24 18:20 - 2020-08-28 12:40 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-24 18:20 - 2020-08-28 12:40 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-24 18:20 - 2020-08-28 12:40 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-24 18:20 - 2020-08-28 12:40 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-24 18:19 - 2020-04-15 09:46 - 000522936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-24 16:25 - 2020-08-28 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-05-24 16:23 - 2020-08-28 12:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-24 15:32 - 2019-10-05 17:18 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-24 12:58 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-24 12:03 - 2020-08-28 12:43 - 001607418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-24 12:03 - 2019-12-07 16:41 - 000684934 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-24 12:03 - 2019-12-07 16:41 - 000137698 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-24 11:59 - 2020-08-30 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-05-24 11:59 - 2019-07-26 09:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-24 11:56 - 2020-08-28 12:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-24 11:56 - 2020-08-28 12:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-24 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-24 11:56 - 2019-08-06 10:53 - 000000000 ____D C:\Program Files\CCleaner
2021-05-24 11:56 - 2019-07-26 10:27 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-24 11:56 - 2019-07-26 09:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-24 11:56 - 2019-07-26 09:14 - 000000000 __SHD C:\Users\HP-OMEN\IntelGraphicsProfiles
2021-05-24 11:56 - 2019-07-25 13:44 - 000000000 ____D C:\Intel
2021-05-24 11:55 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-24 11:53 - 2019-08-06 10:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\CrashDumps
2021-05-23 23:16 - 2020-08-28 12:34 - 000000000 ____D C:\Users\HP-OMEN
2021-05-23 09:18 - 2019-08-10 22:45 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\uTorrent
2021-05-23 07:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-23 07:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-22 12:56 - 2020-06-08 22:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-21 20:09 - 2019-07-25 13:35 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\vlc
2021-05-21 19:52 - 2019-07-25 13:33 - 000000000 ____D C:\ProgramData\Packages
2021-05-21 19:52 - 2019-07-25 13:29 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\Packages
2021-05-21 18:47 - 2019-07-25 13:31 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\PlaceholderTileLogoFolder
2021-05-21 16:31 - 2021-02-24 15:50 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-05-19 18:31 - 2020-05-28 13:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-19 10:00 - 2019-07-25 13:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-19 09:49 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-05-19 09:49 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\slack
2021-05-19 09:48 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\SquirrelTemp
2021-05-14 11:43 - 2020-04-15 09:46 - 000522896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys.162187318529601
2021-05-14 10:43 - 2020-08-28 12:40 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-14 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 00:16 - 2020-08-28 12:32 - 000869352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 00:15 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 19:21 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 19:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 19:12 - 2019-07-25 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 19:09 - 2019-07-26 10:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-05-13 19:09 - 2019-07-25 15:46 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 21:34 - 2019-08-10 23:03 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-05 20:19 - 2019-07-26 10:31 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-05 15:03 - 2021-04-06 18:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\WhatsApp
2021-04-28 12:06 - 2020-11-13 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-28 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-27 13:21 - 2020-01-31 15:33 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\audacity
2021-04-27 06:19 - 2020-10-18 23:00 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-27 06:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-27 06:19 - 2019-08-07 20:26 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-26 09:43 - 2021-04-06 18:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\WhatsApp
==================== Files in the root of some directories ========
2019-11-29 12:59 - 2019-11-29 13:51 - 000063312 _____ () C:\Users\HP-OMEN\AppData\Roaming\downloads.json
2020-10-16 10:39 - 2020-10-16 10:39 - 000001480 _____ () C:\Users\HP-OMEN\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-08-09 15:18 - 2019-08-09 15:18 - 000000000 _____ () C:\Users\HP-OMEN\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2021
Ran by HP-OMEN (24-05-2021 18:32:16)
Running from C:\Users\HP-OMEN\Desktop
Windows 10 Home Version 2004 19041.985 (X64) (2020-08-28 10:40:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2343376451-2767932507-3490548569-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2343376451-2767932507-3490548569-503 - Limited - Disabled)
Guest (S-1-5-21-2343376451-2767932507-3490548569-501 - Limited - Disabled)
HP-OMEN (S-1-5-21-2343376451-2767932507-3490548569-1001 - Administrator - Enabled) => C:\Users\HP-OMEN
WDAGUtilityAccount (S-1-5-21-2343376451-2767932507-3490548569-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4Videosoft iOS Transfer 8.2.58 (HKLM-x32\...\{E8C3E38D-FE43-4a26-8B93-886E4F2C4710}_is1) (Version: 8.2.58 - 4Videosoft Studio)
7-Zip 20.00 alpha (x64) (HKLM\...\7-Zip) (Version: 20.00 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated)
Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_3) (Version: 23.0.3 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.94 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
Blackmagic Camera Utility (HKLM\...\{6C927A11-14CA-4442-845B-0D4A5A3209CE}) (Version: 7.3.1.0 - Blackmagic Design) Hidden
Blackmagic Camera Utility (HKLM-x32\...\{528a5726-a79f-4027-b094-9da8c19708b4}) (Version: 7.3.1 - Blackmagic Design)
Blackmagic RAW (HKLM\...\{F0BC5957-E729-4A87-807C-70440D42C6B7}) (Version: 2.0 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 90.1.24.86 - Autoři prohlížeče Brave)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\{DCC7ED81-4222-4555-87F4-AE3E8B0C10D6}_is1) (Version: 5.55.7108 - Piriform)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
DJI Assistant 2 For Mavic version V2.0.10.8 (HKLM-x32\...\{6859F742-537E-44EA-AF45-000EC275335F}_is1) (Version: V2.0.10.8 - DJI)
FileZilla Client 3.46.3 (HKLM-x32\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.9 - Flvto.biz)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{682A0055-EB89-425A-812B-80C18244DC61}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
iCloud Outlook (HKLM\...\{696A65CA-2720-4D0D-A255-78123E9AC856}) (Version: 11.2.0.18 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.20.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{07B3B04F-368F-42D9-9DDC-EEF1821DF158}) (Version: 12.11.3.17 - Apple Inc.)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Ledger Live 2.25.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.25.1 - Ledger Live Team)
LRTimelapse 4.5 (HKLM-x32\...\{3B86296C-F4C8-4FE7-8561-CC5F444098D4}}_is1) (Version: 4.5 - Gunther Wegner)
Mafia II (HKLM-x32\...\1816059595_is1) (Version: update5 - GOG.com)
MediaHuman Video Converter verze 1.2.1 (HKLM-x32\...\MHVideoConverter_is1) (Version: 1.2.1 - MediaHuman)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.14 - Popcorn Time) <==== ATTENTION
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\slack) (Version: 4.16.1 - Slack Technologies Inc.)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.50 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\WhatsApp) (Version: 2.2114.9 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\1462173886_is1) (Version: 2.0.0.2 - GOG.com)
Zoom (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\ZoomUMX) (Version: 5.6.3 (751) - Zoom Video Communications, Inc.)
Packages:
=========
CryptoTracker -> C:\Program Files\WindowsApps\54989IsmaelEstalayoMena.CoinBaseUnofficial_5.1.7.0_x64__89h962p81ezx6 [2021-04-15] (Ismael Estalayo Mena)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-01-28] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-10] (Apple Inc.) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-11] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2021-01-11] (Microsoft Platform Extensions)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-10] (INTEL CORP) [Startup Task]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.40392.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Screen Recorder Pro For Win10 -> C:\Program Files\WindowsApps\57506winuwp.ScreenRecorderProForWin10_2.0.4.0_x86__2h241tqkdbv36 [2021-05-21] (winuwp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0 [2021-05-21] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\nvshext.dll [2020-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
==================== Loaded Modules (Whitelisted) =============
2021-04-09 15:05 - 2021-04-09 15:05 - 054230528 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node
2021-04-09 15:05 - 2021-04-09 15:05 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node
2021-04-09 15:05 - 2021-04-09 15:05 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node
2020-11-13 13:16 - 2020-11-13 13:17 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-04-09 15:05 - 2021-04-09 15:05 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000523776 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.data.xml.dom.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2020-11-13 13:16 - 2020-11-13 13:17 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2021-05-07 13:20 - 2021-05-07 13:20 - 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2020-04-12 00:24 - 000001056 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AED8B6E0-C59E-4924-9AD0-F372BB5B9E6E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBED6D5F-66BB-45C6-B8E1-E35AAD5126F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D5F45A9-C2DD-42AA-B873-394B507DFEA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E432063-7AA4-411D-B0EC-71D1C03F4DE9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{638A9BAA-5ABC-46C8-9C35-A4D7DC2EBC7F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2A9847B3-4BA2-492A-BFBE-940BAF61AE9B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F1815726-4F1D-4587-9ED2-2C6195480572}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2A9A2725-2B0D-4E41-AF7C-090B7647A61D}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F273AF6E-B4A5-457A-A99F-40F1EE6764BD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA50A6BB-B3FF-4105-BC97-B5F10AD183C5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4C5173A1-9849-4B03-BF1E-4F904AF11C18}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3944F71A-75D1-4CEF-95EC-3BFEF8445DF6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{7F5B61B9-8402-4F19-A23B-D68E09B0BA54}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{D467F349-15C3-4A71-A270-422B66221791}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3D3768D5-F7AC-4E09-86F7-0F6610869882}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{18AA60A9-B263-469F-A788-AA3D2CA0915C}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8A963509-87C9-4E4A-BB9B-457B1BF777EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D8EF35D-6BCD-4827-9FAA-7B151136165D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24B1A546-652A-4F4F-9008-F752C82CDB80}] => (Block) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [{19FD93A2-4A0A-46D3-AB77-057B4D0B2013}] => (Block) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{7FF3CC85-E0D4-4414-806A-2CB2F0D9580F}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{6B5BE1C5-161A-48D9-B25C-1CF623D75841}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{FFA67698-11C0-4332-91C3-424DB73BCEF9}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{DB916188-7E0B-49CF-8033-369641DCF2F4}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{17A38925-AE10-4545-BD7F-107D4BD3B2D4}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{9C6044A2-E9CE-46F9-B621-AD13E5B5E83F}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{2AE61507-2988-4668-8FB5-4CB775BEB828}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{2873037A-1959-4D3E-8A88-C744C2E6543D}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CCE24CB4-0DF7-46B3-B9A2-64DCC6C17F90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12D724D0-6131-4D9F-994A-36CBB8A4B464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3BAD7DBC-D8B5-4A28-83C3-3F66E62F2CEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{295EAD61-A74D-4BDB-AD5E-3349E69CB0C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8B48E33-7C68-440A-B9A2-6A7AFE206AC3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{962FF666-29EF-4CF5-B503-F39E05FB9324}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{BAC457E7-A299-4DC8-B60B-C4EC6B624193}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7220B7F9-15CC-464D-9EBA-93E8B64BD088}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C572517-F76E-475B-AB3B-E789C68B5730}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7ECB3527-E1A3-42D8-AF0F-F35FC1453C0A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A115AAD-B21F-4358-A70C-6C685F4AC9CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AC72AB2-9293-4877-B1A2-7E06E338744C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{89E3335B-4CCD-4A22-B815-7D6D8BF5DC83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{04099A55-20CD-406E-99D8-4FDBDB05C56B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F53C654-39AA-42F2-8E8C-A3CD74DDBECB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{61B116B5-251B-48DB-AF06-30C9A4A5A6E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC9766DD-2B6E-4550-90D7-37BB1B307539}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A3DD5199-5857-4E79-8D13-D7871740FD5E}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{0B827DE3-D5E2-4A76-A9BA-60B891EC252F}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{106CC828-5489-4124-A1A0-F9A96BD6C4A7}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E2789293-E98C-43A8-9BA2-44DE0292FA65}] => (Allow) C:\Users\HP-OMEN\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73CD7322-3A1F-4713-ABF1-880F2B426B03}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E95B82FD-7570-4B7E-9101-104FFCB541A9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0EFBB30F-36B2-4BEF-B1C8-C84D042677A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7ABE5278-7086-4FEC-86CE-D9C58F07367D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CA955503-2A6D-49A6-A19D-71A408160BAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E18511B7-2964-455B-B15C-F13206D87686}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0CBA1E4-8583-4966-85A6-F2C248E854CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDB93D2F-A2FE-4B41-834C-9E4B46C61B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6882E6B2-6455-4855-AD3B-F4065FF41D2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3457FC77-A4EB-40A0-926A-2A289C9AB55C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C733443B-CD75-4401-B04E-BCB7AE8A5E2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{790DEF75-475C-409F-A4DA-6B5DE5EF227A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
21-05-2021 18:43:12 Naplánovaný kontrolní bod
24-05-2021 11:19:53 Removed Blackmagic RAW
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/24/2021 09:28:05 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/23/2021 01:15:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/23/2021 01:15:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/23/2021 09:18:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x3b8c
Čas spuštění chybující aplikace: 0x01d74ef6d0c04f75
Cesta k chybující aplikaci: C:\Users\HP-OMEN\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 433ec0ca-d1be-47fe-877e-2a3aa154dbeb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (05/24/2021 11:55:34 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2J4O5S5)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/24/2021 11:53:25 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-2J4O5S5)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (05/24/2021 09:23:50 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/24/2021 09:21:13 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/23/2021 11:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2J4O5S5)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/23/2021 10:40:46 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/23/2021 10:40:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:15:37, 23.05.2021) bylo neočekávané.
Error: (05/23/2021 08:35:47 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Windows Defender:
================
Date: 2021-05-24 12:12:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4C3E6A3D-44C7-4744-862D-49AF7EC2C311}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-24 11:47:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2C276ACF-E9E3-40BC-9BCE-7F53E267205E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-23 12:33:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {36FE0836-7210-4670-91EB-612B25C87CBF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-22 12:47:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {38524CD1-3EA8-41E5-BDB8-618D488C07F3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-21 12:43:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5916E0E4-05F5-4B4A-80A7-4F61C9937190}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2021-05-24 18:26:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.52 05/02/2019
Motherboard: HP 8259
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16269.14 MB
Available physical RAM: 9602.38 MB
Total Virtual: 31629.14 MB
Available Virtual: 19727.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.51 GB) (Free:134.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:13.49 GB) NTFS
Drive f: (Seagate Expansion Drive) (Fixed) (Total:3725.9 GB) (Free:2423.58 GB) NTFS
Drive g: () (Removable) (Total:119.06 GB) (Free:46.08 GB) exFAT
\\?\Volume{e82e3e18-7886-4a41-8f94-5549fd38db29}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{90fc4fb7-5748-4324-987c-fdc1cda6c88e}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{f525c893-b93b-4dc9-b997-a216bec897ef}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2853A130)
Partition: GPT.
==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 8B444527)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 119.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
už delší dobu pozoruji, že po spuštění systému mi vždy po nepravidelné době problikne CMD okno příkazového řádku, někdy i 2x za sebou. Je to tak rychlé, že nikdy nestihnu přečíst co je obsahem.
Posílám log z FRST.
Děkuji za prověření.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2021
Ran by HP-OMEN (administrator) on DESKTOP-2J4O5S5 (HP OMEN by HP Laptop) (24-05-2021 18:31:12)
Running from C:\Users\HP-OMEN\Desktop
Loaded Profiles: HP-OMEN
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Čeština (Česko)
Default browser: Brave
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <27>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\Messenger.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a086f01cc7be643a\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\HP-OMEN\AppData\Local\slack\app-4.16.1\slack.exe <6>
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [118496 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624 2018-08-08] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\HP-OMEN\AppData\Local\slack\slack.exe [308368 2021-05-19] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKLM\...\Print\Monitors\36C-0iSeriesPCL Language Monitor: C:\Windows\system32\KOAXJJAL.dll [25504 2020-11-05] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\Installer\chrmstp.exe [2021-05-05] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.24.86\Installer\chrmstp.exe [2021-05-21] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01C8EAA0-5E79-414E-9858-B20A55357309} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {03A12084-5279-4064-982A-AE4CB5C5DC43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06C2623D-340E-45E7-8A72-43EBED021E0C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0E130614-5525-47D1-AF88-B6CCDBABEECB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DDC7373-93BF-4C38-9B14-6CE6715DEDA4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {1E007997-DE34-4637-8ADD-5B95CA1BEDE6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {20D600AF-FE52-443D-8CB6-EF1082B2A3E5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {28F78EA0-2FF0-4175-BBC2-F7204E6C1307} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {2BDF9E3A-1042-4AE1-AC70-6FC0D93CA120} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {3A131304-A54A-4325-801C-1127FF8E39FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C345500-DF95-4DDD-8236-C86677CE0756} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {3DB790C1-3CCC-43B0-895D-D41BDDA31C93} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {474B424E-1CF0-4BA5-B01C-F6ED7D62EC36} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-05-04] (HP Inc. -> HP Inc.)
Task: {4DED6405-D2F8-4D3F-BED9-336F59B3AF8C} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2343376451-2767932507-3490548569-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {5083D466-DECD-4905-9920-ACC55058D6DA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {5D86163E-34E4-4352-8E77-63C3EC56A836} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {62FC85F5-7199-46A8-AFA2-09242D7B0AEB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {655CA231-0CB6-47CC-B1B5-B6260D560951} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D83A2E2-6D3A-4BC0-BCBE-01B594C53982} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6F74AC7C-337D-4DBB-96D0-5927EA3E3EC6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {72804E1D-65F6-4F14-B8B7-B63564E94DF1} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {79F905D8-86EF-492C-B81A-3367E4DDA9EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {7EB463B7-73EE-46FB-B2BD-E271FADB9445} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B3FE3D8-BE08-42E1-9624-677D5BC4E09D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F0A85FA-389D-41D5-8FD7-2BEAD70A8939} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {8F443F0B-DA94-4B3C-A576-11DAB6E7CB95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F873379-B8A9-426A-A8DA-C44A9F9D0F99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90BB4BD5-BDBE-4BC5-ABF1-05C232E4F261} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {997B514F-31AE-4092-A968-B936C973E459} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4699872 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {A3789B3A-3C77-4DAB-9A06-F0ABE50654B7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {A4CFA836-EAB1-4EFE-8314-C1B3B5A579D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {AAC514B2-5837-4795-8A0D-475FEE752B75} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {ACCF43F4-E4BB-45ED-B0AB-E47648B82234} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3DEFBD4-6052-4A97-BE76-B959AADE7B36} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {B5E5B402-EC30-42DD-AB13-D0A97C579BFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B8E26EB7-6BEA-4303-9463-D0BE21EF6C53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {BB6DC990-2606-4337-AF7B-A2302C0FABD5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-11-10] (Adobe Inc. -> Adobe)
Task: {BC52D67D-746B-4D4B-97AD-3E5042F2C073} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C14DDE6B-B134-4132-8D0F-812CF2EE3753} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C15E0FC6-A931-496E-A483-BC70418896E4} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {C1D76223-9C13-4B77-B17E-03F29227FFAC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {C3DA362E-05FB-4E97-BFB7-3ACD4FB048A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {D0E1D757-97BA-4195-99FD-A689E6EAF386} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D575434C-92E9-428E-9177-289BD72FBEB7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8D2A894-15F0-431E-8E56-D2227C21537B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {D9E54BA0-1493-431C-BF0C-50ABA672042B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DC10FB39-5534-4DF1-B770-E8B479396D29} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {DF7C82C4-EE57-49DD-BA3E-2E0075691CC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-10] (Google Inc -> Google LLC)
Task: {DFA7E8A5-FB75-49F1-9AD1-20F09DA319A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [352368 2021-03-26] (HP Inc. -> HP Inc.)
Task: {E48E16EF-E2F6-4AB6-825D-6E3DD6EBCD32} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E799D438-FE0F-4CA8-9685-7E74E0E211D3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {EF595914-B15A-4F7B-8747-FD4F96947CBB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {F2E4F27D-E497-49B3-80B3-E66028AFC2A8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F403D227-468D-4CE2-A526-0C55A38864C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F96B99A4-2ADE-4BD0-885A-B87094161103} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{42385fa3-dcb6-4586-9555-113afacea9ce}: [DhcpNameServer] 8.8.4.4 8.8.8.8
Tcpip\..\Interfaces\{9c025835-2d8a-400c-959c-288914851882}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{af4e668a-ae58-4841-b9d4-4b58dff92a9f}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\HP-OMEN\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-24]
Edge HomePage: Default -> hxxp://www.seznam.cz/
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-09] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-09] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default [2021-05-24]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.yandex.ru/? ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-10]
CHR Extension: (Just Black) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2020-04-15]
CHR Extension: (Docs) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-10]
CHR Extension: (Google Drive) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Adblock for Youtube™) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-12]
CHR Extension: (minerBlock) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2021-02-02]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (Sheets) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-10]
CHR Extension: (Save to Collect) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\flblmacldekcjcoockeoggionmhflecp [2021-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2019-08-10]
CHR Extension: (FormApps Extension) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2019-08-10]
CHR Extension: (HP Network Check Launcher) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2019-08-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-23]
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-17]
CHR Profile: C:\Users\HP-OMEN\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
Brave:
=======
BRA Profile: C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-05-24]
BRA Notifications: Default -> hxxps://calendar.google.com
BRA DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&t=brave
BRA DefaultSearchKeyword: Default -> :d
BRA DefaultSuggestURL: Default -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
BRA Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-24]
BRA Extension: (Save to Collect) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flblmacldekcjcoockeoggionmhflecp [2021-03-10]
BRA Extension: (FormApps Extension) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-02-24]
BRA Extension: (HP Network Check Launcher) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-02-24]
BRA Extension: (MetaMask) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-05-22]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-24]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-05-24]
BRA Extension: (Brave NTP sponsored images) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-05-24]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-05]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-05-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\HP-OMEN\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-05-19]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7894040 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [606944 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [356064 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-24] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522936 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
S3 CinemaCamera; C:\WINDOWS\System32\drivers\CinemaCamera.sys [27368 2021-04-22] (WDKTestCert build,131958900460134002 -> Blackmagic Design)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-25] (Martin Malik - REALiX -> REALiX(tm))
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2019-10-17] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-07-31] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-24 18:31 - 2021-05-24 18:31 - 000041623 _____ C:\Users\HP-OMEN\Desktop\FRST.txt
2021-05-24 18:26 - 2021-05-24 18:26 - 002299904 _____ (Farbar) C:\Users\HP-OMEN\Desktop\FRST64.exe
2021-05-24 11:58 - 2021-05-24 11:59 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-05-24 09:43 - 2021-05-24 09:43 - 004173473 _____ C:\Users\HP-OMEN\Desktop\SOD p. Dolezalova_podepsana.pdf
2021-05-22 12:40 - 2021-05-22 12:53 - 000000000 ____D C:\Users\HP-OMEN\Downloads\The Insider (1999) - 1080p
2021-05-21 19:52 - 2021-05-21 19:52 - 000000000 ____D C:\Users\HP-OMEN\Documents\Captura
2021-05-21 18:47 - 2021-05-21 18:47 - 000000000 ____D C:\Users\HP-OMEN\Documents\ScreenRecorder
2021-05-19 14:47 - 2021-05-19 14:47 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Blackmagic_Camera_Setup_Windows_7.3.1
2021-05-13 19:19 - 2021-05-13 19:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 19:19 - 2021-05-13 19:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 19:19 - 2021-05-13 19:19 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 19:19 - 2021-05-13 19:19 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 19:19 - 2021-05-13 19:19 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 19:19 - 2021-05-13 19:19 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 19:18 - 2021-05-13 19:18 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 19:18 - 2021-05-13 19:18 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 19:18 - 2021-05-13 19:18 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 19:18 - 2021-05-13 19:18 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 19:18 - 2021-05-13 19:18 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 19:18 - 2021-05-13 19:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 20:26 - 2021-05-12 21:27 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Pride and Glory (2008) [1080p]
2021-05-07 11:58 - 2021-05-07 11:58 - 000000000 ____D C:\Users\HP-OMEN\Desktop\coolvetica
2021-05-07 11:57 - 2021-05-07 11:57 - 000000000 ____D C:\Users\HP-OMEN\Desktop\sugo_pro_classic
2021-05-07 11:57 - 2021-05-07 11:57 - 000000000 ____D C:\Users\HP-OMEN\Desktop\gobold
2021-05-06 15:16 - 2021-05-06 15:53 - 000000000 ____D C:\Users\HP-OMEN\Desktop\Spark Arc
2021-05-05 15:48 - 2021-05-05 15:48 - 000111733 _____ C:\Users\HP-OMEN\Downloads\dokument-125558478.pdf
2021-05-05 09:35 - 2021-05-05 09:41 - 000000000 ____D C:\Users\HP-OMEN\Desktop\snezne_jamy_standa
2021-04-28 12:14 - 2021-04-28 12:14 - 000000000 ____D C:\Users\HP-OMEN\Downloads\Blackmagic_RAW_Windows_1.7
2021-04-27 13:43 - 2021-04-27 13:43 - 000048040 _____ C:\Users\HP-OMEN\Desktop\82112235.pdf
2021-04-27 12:10 - 2021-04-27 12:10 - 000000000 ____D C:\Users\HP-OMEN\Desktop\StarStaX-0.71_win64
2021-04-27 06:19 - 2021-04-27 06:19 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-27 06:19 - 2021-04-27 06:19 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-26 10:38 - 2021-04-26 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-04-26 10:38 - 2021-04-26 10:38 - 000000000 ____D C:\Program Files\iTunes
2021-04-25 17:44 - 2021-04-25 17:44 - 000299475 _____ C:\Users\HP-OMEN\Downloads\REKONSTRUKCE-FRIMLOVKA.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-24 18:31 - 2020-01-06 23:56 - 000000000 ____D C:\FRST
2021-05-24 18:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-24 18:28 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\Slack
2021-05-24 18:20 - 2020-08-28 12:40 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-24 18:20 - 2020-08-28 12:40 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-24 18:20 - 2020-08-28 12:40 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-24 18:20 - 2020-08-28 12:40 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-24 18:20 - 2020-08-28 12:40 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-24 18:19 - 2020-04-15 09:46 - 000522936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-24 16:25 - 2020-08-28 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-05-24 16:23 - 2020-08-28 12:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-24 15:32 - 2019-10-05 17:18 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-24 12:58 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-24 12:03 - 2020-08-28 12:43 - 001607418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-24 12:03 - 2019-12-07 16:41 - 000684934 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-24 12:03 - 2019-12-07 16:41 - 000137698 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-24 11:59 - 2020-08-30 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-05-24 11:59 - 2019-07-26 09:33 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-24 11:56 - 2020-08-28 12:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-24 11:56 - 2020-08-28 12:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-24 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-24 11:56 - 2019-08-06 10:53 - 000000000 ____D C:\Program Files\CCleaner
2021-05-24 11:56 - 2019-07-26 10:27 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-24 11:56 - 2019-07-26 09:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-24 11:56 - 2019-07-26 09:14 - 000000000 __SHD C:\Users\HP-OMEN\IntelGraphicsProfiles
2021-05-24 11:56 - 2019-07-25 13:44 - 000000000 ____D C:\Intel
2021-05-24 11:55 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-24 11:53 - 2019-08-06 10:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\CrashDumps
2021-05-23 23:16 - 2020-08-28 12:34 - 000000000 ____D C:\Users\HP-OMEN
2021-05-23 09:18 - 2019-08-10 22:45 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\uTorrent
2021-05-23 07:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-23 07:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-22 12:56 - 2020-06-08 22:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-21 20:09 - 2019-07-25 13:35 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\vlc
2021-05-21 19:52 - 2019-07-25 13:33 - 000000000 ____D C:\ProgramData\Packages
2021-05-21 19:52 - 2019-07-25 13:29 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\Packages
2021-05-21 18:47 - 2019-07-25 13:31 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\PlaceholderTileLogoFolder
2021-05-21 16:31 - 2021-02-24 15:50 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-05-19 18:31 - 2020-05-28 13:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-19 10:00 - 2019-07-25 13:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-19 09:49 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-05-19 09:49 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\slack
2021-05-19 09:48 - 2021-03-23 10:18 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\SquirrelTemp
2021-05-14 11:43 - 2020-04-15 09:46 - 000522896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys.162187318529601
2021-05-14 10:43 - 2020-08-28 12:40 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-14 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 00:16 - 2020-08-28 12:32 - 000869352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 00:15 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 00:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 19:21 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 19:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-13 19:12 - 2019-07-25 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 19:09 - 2019-07-26 10:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-05-13 19:09 - 2019-07-25 15:46 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 21:34 - 2019-08-10 23:03 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-05 20:19 - 2019-07-26 10:31 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-05 15:03 - 2021-04-06 18:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\WhatsApp
2021-04-28 12:06 - 2020-11-13 14:27 - 000000000 ____D C:\WINDOWS\Minidump
2021-04-28 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-27 13:21 - 2020-01-31 15:33 - 000000000 ____D C:\Users\HP-OMEN\AppData\Roaming\audacity
2021-04-27 06:19 - 2020-10-18 23:00 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-27 06:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-27 06:19 - 2019-08-07 20:26 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-27 06:19 - 2019-07-26 10:28 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-26 09:43 - 2021-04-06 18:52 - 000000000 ____D C:\Users\HP-OMEN\AppData\Local\WhatsApp
==================== Files in the root of some directories ========
2019-11-29 12:59 - 2019-11-29 13:51 - 000063312 _____ () C:\Users\HP-OMEN\AppData\Roaming\downloads.json
2020-10-16 10:39 - 2020-10-16 10:39 - 000001480 _____ () C:\Users\HP-OMEN\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-08-09 15:18 - 2019-08-09 15:18 - 000000000 _____ () C:\Users\HP-OMEN\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2021
Ran by HP-OMEN (24-05-2021 18:32:16)
Running from C:\Users\HP-OMEN\Desktop
Windows 10 Home Version 2004 19041.985 (X64) (2020-08-28 10:40:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2343376451-2767932507-3490548569-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2343376451-2767932507-3490548569-503 - Limited - Disabled)
Guest (S-1-5-21-2343376451-2767932507-3490548569-501 - Limited - Disabled)
HP-OMEN (S-1-5-21-2343376451-2767932507-3490548569-1001 - Administrator - Enabled) => C:\Users\HP-OMEN
WDAGUtilityAccount (S-1-5-21-2343376451-2767932507-3490548569-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4Videosoft iOS Transfer 8.2.58 (HKLM-x32\...\{E8C3E38D-FE43-4a26-8B93-886E4F2C4710}_is1) (Version: 8.2.58 - 4Videosoft Studio)
7-Zip 20.00 alpha (x64) (HKLM\...\7-Zip) (Version: 20.00 alpha - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated)
Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_3) (Version: 23.0.3 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_2_1) (Version: 8.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.94 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
Blackmagic Camera Utility (HKLM\...\{6C927A11-14CA-4442-845B-0D4A5A3209CE}) (Version: 7.3.1.0 - Blackmagic Design) Hidden
Blackmagic Camera Utility (HKLM-x32\...\{528a5726-a79f-4027-b094-9da8c19708b4}) (Version: 7.3.1 - Blackmagic Design)
Blackmagic RAW (HKLM\...\{F0BC5957-E729-4A87-807C-70440D42C6B7}) (Version: 2.0 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 90.1.24.86 - Autoři prohlížeče Brave)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\{DCC7ED81-4222-4555-87F4-AE3E8B0C10D6}_is1) (Version: 5.55.7108 - Piriform)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
DJI Assistant 2 For Mavic version V2.0.10.8 (HKLM-x32\...\{6859F742-537E-44EA-AF45-000EC275335F}_is1) (Version: V2.0.10.8 - DJI)
FileZilla Client 3.46.3 (HKLM-x32\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.9 - Flvto.biz)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{682A0055-EB89-425A-812B-80C18244DC61}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
iCloud Outlook (HKLM\...\{696A65CA-2720-4D0D-A255-78123E9AC856}) (Version: 11.2.0.18 - Apple Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.20.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{07B3B04F-368F-42D9-9DDC-EEF1821DF158}) (Version: 12.11.3.17 - Apple Inc.)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Ledger Live 2.25.1 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.25.1 - Ledger Live Team)
LRTimelapse 4.5 (HKLM-x32\...\{3B86296C-F4C8-4FE7-8561-CC5F444098D4}}_is1) (Version: 4.5 - Gunther Wegner)
Mafia II (HKLM-x32\...\1816059595_is1) (Version: update5 - GOG.com)
MediaHuman Video Converter verze 1.2.1 (HKLM-x32\...\MHVideoConverter_is1) (Version: 1.2.1 - MediaHuman)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.14 - Popcorn Time) <==== ATTENTION
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\slack) (Version: 4.16.1 - Slack Technologies Inc.)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.50 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\WhatsApp) (Version: 2.2114.9 - WhatsApp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\1462173886_is1) (Version: 2.0.0.2 - GOG.com)
Zoom (HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\ZoomUMX) (Version: 5.6.3 (751) - Zoom Video Communications, Inc.)
Packages:
=========
CryptoTracker -> C:\Program Files\WindowsApps\54989IsmaelEstalayoMena.CoinBaseUnofficial_5.1.7.0_x64__89h962p81ezx6 [2021-04-15] (Ismael Estalayo Mena)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-01-28] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.3.74.0_x86__nzyj5cx40ttqa [2021-05-10] (Apple Inc.) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-04-11] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-26] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2021-01-11] (Microsoft Platform Extensions)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-10] (INTEL CORP) [Startup Task]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.40392.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Screen Recorder Pro For Win10 -> C:\Program Files\WindowsApps\57506winuwp.ScreenRecorderProForWin10_2.0.4.0_x86__2h241tqkdbv36 [2021-05-21] (winuwp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0 [2021-05-21] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_c111c8dc1ba8768e\nvshext.dll [2020-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
==================== Loaded Modules (Whitelisted) =============
2021-04-09 15:05 - 2021-04-09 15:05 - 054230528 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node
2021-04-09 15:05 - 2021-04-09 15:05 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node
2021-04-09 15:05 - 2021-04-09 15:05 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node
2020-11-13 13:16 - 2020-11-13 13:17 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-04-09 15:05 - 2021-04-09 15:05 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000523776 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.data.xml.dom.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2020-11-13 13:16 - 2020-11-13 13:17 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node
2020-11-13 13:16 - 2020-11-13 13:17 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2021-05-07 13:20 - 2021-05-07 13:20 - 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2020-04-12 00:24 - 000001056 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP-OMEN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2343376451-2767932507-3490548569-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AED8B6E0-C59E-4924-9AD0-F372BB5B9E6E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBED6D5F-66BB-45C6-B8E1-E35AAD5126F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D5F45A9-C2DD-42AA-B873-394B507DFEA6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E432063-7AA4-411D-B0EC-71D1C03F4DE9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{638A9BAA-5ABC-46C8-9C35-A4D7DC2EBC7F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{2A9847B3-4BA2-492A-BFBE-940BAF61AE9B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F1815726-4F1D-4587-9ED2-2C6195480572}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2A9A2725-2B0D-4E41-AF7C-090B7647A61D}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F273AF6E-B4A5-457A-A99F-40F1EE6764BD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DA50A6BB-B3FF-4105-BC97-B5F10AD183C5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4C5173A1-9849-4B03-BF1E-4F904AF11C18}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3944F71A-75D1-4CEF-95EC-3BFEF8445DF6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{7F5B61B9-8402-4F19-A23B-D68E09B0BA54}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{D467F349-15C3-4A71-A270-422B66221791}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{3D3768D5-F7AC-4E09-86F7-0F6610869882}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{18AA60A9-B263-469F-A788-AA3D2CA0915C}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8A963509-87C9-4E4A-BB9B-457B1BF777EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D8EF35D-6BCD-4827-9FAA-7B151136165D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24B1A546-652A-4F4F-9008-F752C82CDB80}] => (Block) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [{19FD93A2-4A0A-46D3-AB77-057B4D0B2013}] => (Block) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{7FF3CC85-E0D4-4414-806A-2CB2F0D9580F}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{6B5BE1C5-161A-48D9-B25C-1CF623D75841}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{FFA67698-11C0-4332-91C3-424DB73BCEF9}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{DB916188-7E0B-49CF-8033-369641DCF2F4}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{17A38925-AE10-4545-BD7F-107D4BD3B2D4}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{9C6044A2-E9CE-46F9-B621-AD13E5B5E83F}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{2AE61507-2988-4668-8FB5-4CB775BEB828}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{2873037A-1959-4D3E-8A88-C744C2E6543D}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CCE24CB4-0DF7-46B3-B9A2-64DCC6C17F90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{12D724D0-6131-4D9F-994A-36CBB8A4B464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3BAD7DBC-D8B5-4A28-83C3-3F66E62F2CEE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{295EAD61-A74D-4BDB-AD5E-3349E69CB0C9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8B48E33-7C68-440A-B9A2-6A7AFE206AC3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{962FF666-29EF-4CF5-B503-F39E05FB9324}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{BAC457E7-A299-4DC8-B60B-C4EC6B624193}C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp-omen\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7220B7F9-15CC-464D-9EBA-93E8B64BD088}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C572517-F76E-475B-AB3B-E789C68B5730}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7ECB3527-E1A3-42D8-AF0F-F35FC1453C0A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A115AAD-B21F-4358-A70C-6C685F4AC9CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AC72AB2-9293-4877-B1A2-7E06E338744C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{89E3335B-4CCD-4A22-B815-7D6D8BF5DC83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{04099A55-20CD-406E-99D8-4FDBDB05C56B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8F53C654-39AA-42F2-8E8C-A3CD74DDBECB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{61B116B5-251B-48DB-AF06-30C9A4A5A6E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC9766DD-2B6E-4550-90D7-37BB1B307539}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{A3DD5199-5857-4E79-8D13-D7871740FD5E}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{0B827DE3-D5E2-4A76-A9BA-60B891EC252F}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{106CC828-5489-4124-A1A0-F9A96BD6C4A7}C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E2789293-E98C-43A8-9BA2-44DE0292FA65}] => (Allow) C:\Users\HP-OMEN\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{73CD7322-3A1F-4713-ABF1-880F2B426B03}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E95B82FD-7570-4B7E-9101-104FFCB541A9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0EFBB30F-36B2-4BEF-B1C8-C84D042677A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7ABE5278-7086-4FEC-86CE-D9C58F07367D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CA955503-2A6D-49A6-A19D-71A408160BAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E18511B7-2964-455B-B15C-F13206D87686}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0CBA1E4-8583-4966-85A6-F2C248E854CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDB93D2F-A2FE-4B41-834C-9E4B46C61B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6882E6B2-6455-4855-AD3B-F4065FF41D2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3457FC77-A4EB-40A0-926A-2A289C9AB55C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C733443B-CD75-4401-B04E-BCB7AE8A5E2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{790DEF75-475C-409F-A4DA-6B5DE5EF227A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
21-05-2021 18:43:12 Naplánovaný kontrolní bod
24-05-2021 11:19:53 Removed Blackmagic RAW
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/24/2021 11:55:48 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/24/2021 09:28:05 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/23/2021 01:15:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (05/23/2021 01:15:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (05/23/2021 09:18:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x3b8c
Čas spuštění chybující aplikace: 0x01d74ef6d0c04f75
Cesta k chybující aplikaci: C:\Users\HP-OMEN\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 433ec0ca-d1be-47fe-877e-2a3aa154dbeb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (05/24/2021 11:55:34 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2J4O5S5)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/24/2021 11:53:25 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-2J4O5S5)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (05/24/2021 09:23:50 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/24/2021 09:21:13 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/23/2021 11:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2J4O5S5)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/23/2021 10:40:46 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Error: (05/23/2021 10:40:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:15:37, 23.05.2021) bylo neočekávané.
Error: (05/23/2021 08:35:47 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (b0:ca:68:71:32:74) se nezdařilo.
Windows Defender:
================
Date: 2021-05-24 12:12:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4C3E6A3D-44C7-4744-862D-49AF7EC2C311}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-24 11:47:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2C276ACF-E9E3-40BC-9BCE-7F53E267205E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-23 12:33:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {36FE0836-7210-4670-91EB-612B25C87CBF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-22 12:47:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {38524CD1-3EA8-41E5-BDB8-618D488C07F3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-21 12:43:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5916E0E4-05F5-4B4A-80A7-4F61C9937190}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2021-05-24 18:26:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.52 05/02/2019
Motherboard: HP 8259
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16269.14 MB
Available physical RAM: 9602.38 MB
Total Virtual: 31629.14 MB
Available Virtual: 19727.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.51 GB) (Free:134.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:13.49 GB) NTFS
Drive f: (Seagate Expansion Drive) (Fixed) (Total:3725.9 GB) (Free:2423.58 GB) NTFS
Drive g: () (Removable) (Total:119.06 GB) (Free:46.08 GB) exFAT
\\?\Volume{e82e3e18-7886-4a41-8f94-5549fd38db29}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{90fc4fb7-5748-4324-987c-fdc1cda6c88e}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{f525c893-b93b-4dc9-b997-a216bec897ef}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2853A130)
Partition: GPT.
==========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 8B444527)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 119.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Stiahni AdwCleaner: