Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosba o kontrolu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
heges
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 12 črc 2010 12:27

Prosba o kontrolu

#1 Příspěvek od heges »

Dobrý den, prosím o kontrolu. Děkuji vám
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Users\HP\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\HP\AppData\Local\Programs\Opera\85.0.4341.53\opera_crashreporter.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\calc.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <18>
(Opera Software AS -> Opera Software) C:\Users\HP\AppData\Local\Programs\Opera\opera.exe <12>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212816 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [76288 2013-03-25] (Vodafone) [File not signed]
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1861632 2013-03-25] (Vodafone) [File not signed]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [f.lux] => C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [Opera Browser Assistant] => C:\Users\HP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {614469cd-68c8-11e7-befb-a0481cee89c1} - "F:\setup_vmb_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {6d2b009b-09d6-11e7-beef-a0481cee89c1} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\HP BA11 Status Monitor: C:\WINDOWS\system32\hpinkstsBA11LM.dll [329576 2012-04-02] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [365568 2012-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10672.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0144D0B1-9961-48E1-B44B-1298EADBA879} - System32\Tasks\Microsoft\Windows\WCM\Provisioning\Purge.S-1-5-21-2394591222-3491014639-821066103-1002 => {217700E0-2005-11DF-ADB9-F4CE462D9137} C:\WINDOWS\System32\provcore.dll [873984 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {06255F53-D047-448E-A95F-15D3FFE03A82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CF5DC0B-FF7B-4D71-AA7B-9E1C8C51C22C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {15DB5353-9048-43E8-8F01-9A24253E45E1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {2C579831-0D17-4538-A0E4-08D5E0293324} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [592288 2012-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {2ECA3CB2-7CC7-43B1-BED1-7D6F21FAD253} - System32\Tasks\CCleanerSkipUAC - HP => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3CBC70DF-ECD8-4150-A944-91C91E65224C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (No File)
Task: {4525E856-A8B8-40B6-A1B0-21F3C6658FBB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {63655949-580D-43F5-82B5-F85BC769C2F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {769DBDA5-C102-47D6-9D0E-7041F83280B3} - System32\Tasks\Opera scheduled assistant Autoupdate 1646406258 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {86341E96-39F8-4ECB-A831-2FFE15658196} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4925264 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
Task: {89923EB3-2372-4579-A26E-AC664E79D276} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {8F9F8AC1-8D13-4554-A358-D81E78509EB0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7018568 2013-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8FA236DE-F3F9-4E9E-8D91-CCC15D6652A5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C69FE8D5-E8E6-42AE-AE5C-9D609AFD6E4E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {DB5B72D7-27BF-4BD7-B89A-75FB81A2ECAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [525728 2012-09-27] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {F072362C-F90B-4898-BAB6-3488530AF910} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FF8F57FF-0A9E-4B57-B4D7-3511C6BE8F97} - System32\Tasks\Opera scheduled Autoupdate 1646406244 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{41246C02-D05C-4C00-8E36-806A6E8594D6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B95C4867-9C22-4003-843B-5907C5EB1A29}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-27]

FireFox:
========
FF DefaultProfile: pv1qtyt4.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default [2022-06-27]
FF Extension: (Cookie AutoDelete) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-06-15]
FF Extension: (Decentraleyes) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-02]
FF Extension: (Privacy Badger) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (uBlock Origin) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2022-06-27]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-16]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-04]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Vyhledávání Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-26]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-04]

Opera:
=======
OPR Profile: C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable [2022-06-27]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Avast Online Security & Privacy) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2022-03-04]
OPR Extension: (Rich Hints Agent) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-14]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2013-03-05] (Andrea Electronics -> Andrea Electronics Corporation)
R3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-13] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8432776 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-16] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1995600 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [576336 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-16] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-03-25] (Vodafone) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-16] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38912 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382608 2022-06-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255136 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102048 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [45072 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271600 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548968 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [662160 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218608 2022-06-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [321928 2022-06-22] (Avast Software s.r.o. -> AVAST Software)
S3 ATHDFU; C:\WINDOWS\System32\Drivers\AthDfu.sys [55448 2013-05-16] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 FcSerial; C:\WINDOWS\system32\DRIVERS\FcSerial.sys [221568 2013-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Flash Card.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [267264 2017-12-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-27 16:08 - 2022-06-27 16:13 - 000024639 _____ C:\Users\HP\Desktop\FRST.txt
2022-06-27 16:00 - 2022-06-27 16:11 - 000000000 ____D C:\FRST
2022-06-27 15:59 - 2022-06-27 15:59 - 002369024 _____ (Farbar) C:\Users\HP\Downloads\FRST64(1).exe
2022-06-27 15:58 - 2022-06-27 15:58 - 002369024 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2022-06-13 20:59 - 2022-06-13 20:55 - 000218608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-13 20:59 - 2022-06-13 20:54 - 000269136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-10 21:42 - 2022-06-22 23:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-06-10 01:51 - 2022-06-17 21:50 - 000004240 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1646406258
2022-06-04 14:22 - 2022-06-04 14:22 - 000132970 _____ C:\Users\HP\Downloads\Informace o pojisteni vozidla na dalsi obdobi(1).zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-27 16:07 - 2013-12-12 15:11 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2394591222-3491014639-821066103-1002
2022-06-27 16:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\tracing
2022-06-27 15:54 - 2018-04-04 20:04 - 000000000 ____D C:\Users\HP\AppData\Local\AVAST Software
2022-06-27 15:50 - 2022-02-12 03:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-27 15:45 - 2022-02-12 09:32 - 000002798 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - HP
2022-06-27 15:45 - 2020-07-08 22:43 - 000003542 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-27 15:45 - 2020-07-08 22:43 - 000003414 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-06-27 15:45 - 2015-05-14 22:49 - 000004478 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-06-27 15:44 - 2013-12-12 14:41 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-27 15:36 - 2013-12-31 12:16 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2022-06-27 15:36 - 2013-12-22 00:14 - 000000000 ____D C:\Program Files\CCleaner
2022-06-27 15:28 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2022-06-27 13:34 - 2016-11-16 17:38 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2022-06-25 11:06 - 2020-07-08 22:44 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-25 10:57 - 2014-07-01 20:47 - 000000000 __RDO C:\Users\HP\OneDrive
2022-06-24 09:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2022-06-23 23:07 - 2014-03-18 17:33 - 001928160 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-23 23:07 - 2014-03-18 16:54 - 000796792 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-23 23:07 - 2014-03-18 16:54 - 000180910 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-23 21:54 - 2017-03-14 11:09 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-23 21:52 - 2013-12-15 18:03 - 000065536 _____ C:\WINDOWS\system32\Ikeext.etl
2022-06-23 21:51 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-23 21:50 - 2013-08-22 16:44 - 000414064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-23 21:43 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2022-06-23 21:38 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2022-06-23 21:36 - 2014-05-03 09:12 - 000000000 ____D C:\Users\HP
2022-06-23 18:41 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-23 18:23 - 2013-12-10 12:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-23 18:14 - 2013-12-10 12:37 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-22 23:16 - 2019-01-14 17:13 - 000382608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-22 23:16 - 2013-12-12 14:55 - 000321928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-22 23:14 - 2013-12-21 23:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-17 21:50 - 2022-03-04 17:04 - 000004012 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1646406244
2022-06-17 21:50 - 2018-03-29 00:11 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-17 21:50 - 2015-12-03 22:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-06-17 21:50 - 2013-09-16 17:31 - 000003148 _____ C:\WINDOWS\system32\Tasks\MirageAgent
2022-06-17 21:50 - 2013-09-16 17:10 - 000002990 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2022-06-17 21:50 - 2013-09-16 17:09 - 000003134 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-06-14 16:16 - 2021-10-12 08:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-14 16:16 - 2013-12-21 23:43 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-13 20:55 - 2019-01-07 15:21 - 000255136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-13 20:55 - 2019-01-07 15:21 - 000102048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-13 20:54 - 2020-10-18 18:46 - 000271600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-13 20:54 - 2020-04-16 08:09 - 000548968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-13 20:54 - 2018-10-24 08:54 - 000045072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-13 20:54 - 2013-12-12 14:55 - 000662160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-13 20:54 - 2013-12-12 14:55 - 000111056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-13 20:54 - 2013-12-12 14:55 - 000086120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-13 20:47 - 2019-01-07 15:21 - 000038912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-13 20:47 - 2017-11-18 00:35 - 000232648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-13 20:47 - 2013-12-12 14:55 - 000857488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories ========

2017-02-07 12:14 - 2017-02-07 12:14 - 000003584 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{44887074-48D8-4A95-9DFD-0DAB5AB4C18C}
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{892A7CFD-D745-4A48-8768-EFF8976A26D8}
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{8C1183CA-CCAC-4E2E-A4AF-11EDC5B4C215}

==================== SigCheckExt =========================

2013-05-16 03:10 - 2013-05-16 03:10 - 000362112 _____ (Qualcomm Atheros Commnucations) C:\WINDOWS\system32\AthCredentialProvider.dll
2013-06-07 12:48 - 2011-08-24 09:52 - 000117248 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPMUIDir.exe
2012-07-25 22:22 - 2012-07-26 05:07 - 004722176 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 006549504 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000188416 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2012-07-25 22:22 - 2012-07-26 05:07 - 000206336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2002-01-05 02:18 - 2002-01-05 02:18 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2003-03-18 19:05 - 2003-03-18 19:05 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-03-10 14:15 - 1999-01-20 06:01 - 000210032 _____ C:\WINDOWS\SysWOW64\DBCLIENT.DLL
2012-07-25 22:22 - 2012-06-02 16:32 - 004338688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 004896768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000147456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2012-07-25 22:22 - 2012-06-02 16:32 - 000208896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2007-01-26 01:04 - 2007-01-26 01:04 - 000027648 _____ C:\WINDOWS\SysWOW64\ma32.dll
2007-01-26 01:04 - 2007-01-26 01:04 - 000138752 _____ C:\WINDOWS\SysWOW64\mase32.dll
2002-01-05 04:48 - 2002-01-05 04:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2002-01-05 04:36 - 2002-01-05 04:36 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2003-03-18 21:20 - 2003-03-18 21:20 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2003-03-18 21:12 - 2003-03-18 21:12 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2002-01-05 03:38 - 2002-01-05 03:38 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2002-01-05 03:40 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2013-09-16 17:37 - 2013-09-16 17:37 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2002-01-05 03:37 - 2002-01-05 03:37 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2013-09-16 17:37 - 2013-09-16 17:37 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2007-06-21 21:55 - 2007-06-21 21:55 - 000401408 _____ (Pegasus Imaging Corporation) C:\WINDOWS\SysWOW64\pvmjpg30.dll
2022-06-27 15:58 - 2022-06-27 15:58 - 002369024 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-03-10 12:59 - 2014-03-10 13:01 - 078415360 _____ C:\Users\HP\Downloads\131231_Poradce1.46.1.exe
2014-03-10 12:59 - 2014-03-10 12:59 - 022744064 _____ C:\Users\HP\Downloads\140226_PoradceOprava1.46.1.exe
2013-12-22 00:06 - 2013-12-22 00:07 - 130785256 _____ C:\Users\HP\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_cs.exe
2019-02-09 12:18 - 2019-02-09 12:20 - 129151225 _____ C:\Users\HP\Downloads\Apache_OpenOffice_4.1.6_Win_x86_install_cs.exe
2022-06-27 15:59 - 2022-06-27 15:59 - 002369024 _____ (Farbar) C:\Users\HP\Downloads\FRST64(1).exe
2014-07-01 20:19 - 2014-07-01 20:20 - 092549632 _____ (Vodafone Group) C:\Users\HP\Downloads\K4201_QuickStart_Firmware_v3.7.exe
2014-05-08 22:20 - 2014-05-08 22:21 - 118560768 _____ (Vodafone Group) C:\Users\HP\Downloads\K5150_QuickStart_Firmware_v7.0.exe
2014-02-03 10:19 - 2014-02-03 10:19 - 000466288 _____ () C:\Users\HP\Downloads\setup.exe
2014-03-10 13:03 - 2014-03-10 13:09 - 306703320 _____ (Kooperativa ) C:\Users\HP\Downloads\SetupISOS_E_All.exe
2014-05-08 22:05 - 2014-05-08 22:07 - 080055389 _____ C:\Users\HP\Downloads\setup_vmc.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-06-27 14:34
==================== End of FRST.txt ========================


==================== Memory info ===========================

BIOS: Insyde F.37 06/26/2013
Motherboard: Hewlett-Packard 188B
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 74%
Total physical RAM: 3682.26 MB
Available physical RAM: 936.39 MB
Total Virtual: 7394.26 MB
Available Virtual: 2135.07 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:448.41 GB) (Free:110.32 GB) (Model: ST500LT012-9WS14 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.15 GB) (Free:2 GB) (Model: ST500LT012-9WS14 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Zivot v rytmu sw) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS

\\?\Volume{01e031f0-d493-4ce6-bec7-7fca3e081ea7}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{1c4bf91d-1333-4957-b8f3-9109d55a8810}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosba o kontrolu

#2 Příspěvek od Rudy »

Zdravím! Log Addition není kompletní a chybí hlavičky logů. Bez nich nevím, jaký máte OS a nevím, odkud byl FRST spuštěn, abych mohl podat správnou informaci, kam uložit fixlist.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

heges
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 12 črc 2010 12:27

Re: Prosba o kontrolu

#3 Příspěvek od heges »

Z nějakého důvodu mi nešel znovu vygenerovat frst log, tak sem vkládám rsit.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2022-07-10 09:33:47
Microsoft Windows 8.1
System drive C: has 102 GB (22%) free of 459 GB
Total RAM: 3682 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:20:14, on 10. 7. 2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.37\BHO\ie_to_edge_bho.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [VmbNotifier] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\HP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9878 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="5F6B94E5-B6C4-1675-8051-9C6671E4036D" /binpath="C:\Program Files\AVAST Software\Avast" /logpath="C:\ProgramData\AVAST Software\Avast\log"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {bbefb1a5-3207-494a-b0803f1c5cf3bfa6}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
AvastUI.exe /nogui
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7956,10793056744043960562,11250614506059288828,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=5228 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7956,10793056744043960562,11250614506059288828,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=2832 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=7956,10793056744043960562,11250614506059288828,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --log-file="C:\Users\HP\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=5552 /prefetch:8
"C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"
"C:\Program Files (x86)\OpenOffice 4\program\soffice.exe" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice 4"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\HP\Desktop\koncept MPP\001_Paradigma_a_Zlate_pravidlo.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" --type=renderer /prefetch:1 "C:\Users\HP\Desktop\koncept MPP\001_Paradigma_a_Zlate_pravidlo.pdf"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --locale=cs_cz --backgroundcolor=16514043
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=gpu-process --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --lang=en-US --gpu-preferences=OAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --mojo-platform-channel-handle=1216 --allow-no-sandbox-job /prefetch:2
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=utility --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --mojo-platform-channel-handle=1476 --allow-no-sandbox-job /prefetch:8
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --service-sandbox-type=network --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --mojo-platform-channel-handle=1656 --allow-no-sandbox-job /prefetch:8
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --touch-events=enabled --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=1916 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --touch-events=enabled --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=7 --mojo-platform-channel-handle=2360 --allow-no-sandbox-job /prefetch:1
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --touch-events=enabled --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=2100 --allow-no-sandbox-job /prefetch:1
taskhost.exe
"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\HP\Downloads\06_stare_dokumenty_komplet.zip"
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe" --type=renderer --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --touch-events=enabled --field-trial-handle=1196,8990700494676199801,10440763005258618053,131072 --enable-features=CastMediaRouteProvider --disable-features=CalculateNativeWinOcclusion --disable-gpu-compositing --lang=en-US --disable-pack-loading --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\debug.log" --log-severity=disable --product-version="ReaderServices/22.1.20117 Chrome/80.0.0.0" --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=1632 --allow-no-sandbox-job /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\HP\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=103.0.5060.53 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=103.0.1264.37 --initial-client-data=0x88,0xac,0xb0,0x68,0xb8,0x7ffe745390b8,0x7ffe745390c8,0x7ffe745390d8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=6 --launch-time-ticks=610473375171 --mojo-platform-channel-handle=2692 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:1
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2832 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=3564 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=cs --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=5676 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:8
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=3576 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:8
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=211 --launch-time-ticks=1053128800811 --mojo-platform-channel-handle=7312 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:1
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags=--ms-user-locale= --disable-gpu-compositing --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=220 --launch-time-ticks=1345602790634 --mojo-platform-channel-handle=7184 --field-trial-handle=1708,i,17622949049676558371,12058793877756967289,131072 /prefetch:1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.0.385011963\939556763" -parentBuildID 20220705093820 -prefsHandle 1248 -prefMapHandle 1240 -prefsLen 36066 -prefMapSize 230399 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 1328 f1147ecd48 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.1.1292476203\668870359" -parentBuildID 20220705093820 -prefsHandle 1528 -prefMapHandle 1524 -prefsLen 36111 -prefMapSize 230399 -win32kLockedDown -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 1540 f1067ea448 socket
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.3.1389650732\117308630" -childID 2 -isForBrowser -prefsHandle 2592 -prefMapHandle 2596 -prefsLen 36732 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 2584 f1196fb048 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.5.330594017\1260200241" -childID 4 -isForBrowser -prefsHandle 3984 -prefMapHandle 3980 -prefsLen 41869 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 3996 f122212b48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.7.1523132887\1950185318" -childID 6 -isForBrowser -prefsHandle 4848 -prefMapHandle 4852 -prefsLen 42617 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 4836 f124372b48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.14.1984445486\1077595787" -childID 13 -isForBrowser -prefsHandle 5096 -prefMapHandle 5476 -prefsLen 43937 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 3884 f12c526d48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.27.1749052209\37793310" -parentBuildID 20220705093820 -prefsHandle 5716 -prefMapHandle 4616 -prefsLen 43937 -prefMapSize 230399 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 8752 f1206b3148 rdd
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.51.1509387449\516129040" -parentBuildID 20220705093820 -sandboxingKind 1 -prefsHandle 6076 -prefMapHandle 8284 -prefsLen 44221 -prefMapSize 230399 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 8276 f11cfbb148 utility
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.94.1031817754\1015834768" -childID 91 -isForBrowser -prefsHandle 9764 -prefMapHandle 9052 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 9060 f11b35b048 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.100.2018938177\785088813" -childID 97 -isForBrowser -prefsHandle 8756 -prefMapHandle 9924 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 9208 f11c4f9848 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.101.1807673179\1573470569" -childID 98 -isForBrowser -prefsHandle 9200 -prefMapHandle 4720 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 7996 f12510dc48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.102.1983286089\451040987" -childID 99 -isForBrowser -prefsHandle 9404 -prefMapHandle 9616 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 8204 f123b7ed48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.107.1744354908\418822419" -childID 104 -isForBrowser -prefsHandle 4924 -prefMapHandle 7304 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 7312 f129b12b48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.108.535856388\1888405973" -childID 105 -isForBrowser -prefsHandle 5680 -prefMapHandle 8000 -prefsLen 44221 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 5616 f10672c748 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.112.558664023\1991053291" -childID 109 -isForBrowser -prefsHandle 9800 -prefMapHandle 9812 -prefsLen 44264 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 5676 f12c537a48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.113.1280221051\1067733034" -childID 110 -isForBrowser -prefsHandle 8600 -prefMapHandle 9024 -prefsLen 44264 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 7976 f129bb5b48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.114.958004448\1996684194" -childID 111 -isForBrowser -prefsHandle 6336 -prefMapHandle 6340 -prefsLen 44264 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 6328 f11c8f0b48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.115.1073649784\63309880" -childID 112 -isForBrowser -prefsHandle 4672 -prefMapHandle 6136 -prefsLen 44264 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 9564 f1196faa48 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="12160.116.1924166004\331337099" -childID 113 -isForBrowser -prefsHandle 9356 -prefMapHandle 9880 -prefsLen 44264 -prefMapSize 230399 -jsInitHandle 1124 -jsInitLen 277276 -a11yResourceId 64 -parentBuildID 20220705093820 -appDir "C:\Program Files (x86)\Mozilla Firefox\browser" - 12160 "\\.\pipe\gecko-crash-server-pipe.12160" 9508 f11d3e8a48 tab
"C:\Users\HP\Desktop\RSITx64.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll


C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.37\BHO\ie_to_edge_bho_64.dll [2022-06-22 561080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.37\BHO\ie_to_edge_bho.dll [2022-06-22 440248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-16 3030256]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2022-06-13 212816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-05-16 133248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe [2021-06-18 1515848]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2022-06-14 36976728]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2021-02-12 109945728]
"MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2022-06-22 3601824]
"Opera Browser Assistant"=C:\Users\HP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2022-07-06 4110832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-14 642656]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"MobileBroadband"=C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2013-03-25 76288]
"VmbNotifier"=C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [2013-03-25 1861632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-05-16 133248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-07-10 09:33:48 ----D---- C:\Program Files\trend micro
2022-07-10 09:33:47 ----D---- C:\rsit
2022-07-10 09:23:47 ----HD---- C:\$AV_ASW
2022-06-30 16:56:02 ----D---- C:\Program Files\7-Zip
2022-06-27 16:00:12 ----D---- C:\FRST
2022-06-23 17:23:21 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2022-06-23 17:23:20 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2022-06-23 17:23:20 ----A---- C:\WINDOWS\system32\kerberos.dll
2022-06-23 17:23:19 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2022-06-23 17:23:18 ----A---- C:\WINDOWS\system32\schannel.dll
2022-06-23 17:23:18 ----A---- C:\WINDOWS\system32\authui.dll
2022-06-23 17:23:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2022-06-23 17:23:17 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2022-06-23 17:23:16 ----A---- C:\WINDOWS\system32\msi.dll
2022-06-23 17:23:15 ----A---- C:\WINDOWS\system32\lsasrv.dll
2022-06-23 17:23:14 ----A---- C:\WINDOWS\system32\win32k.sys
2022-06-23 17:23:13 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2022-06-23 17:23:13 ----A---- C:\WINDOWS\system32\certcli.dll
2022-06-23 17:23:11 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2022-06-23 17:23:11 ----A---- C:\WINDOWS\system32\winresume.exe
2022-06-23 17:23:11 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2022-06-23 17:23:10 ----A---- C:\WINDOWS\system32\winload.exe
2022-06-23 17:23:08 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2022-06-23 17:23:08 ----A---- C:\WINDOWS\system32\Wldap32.dll
2022-06-23 17:23:08 ----A---- C:\WINDOWS\system32\ole32.dll
2022-06-23 17:23:08 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2022-06-23 17:23:07 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2022-06-23 17:23:07 ----A---- C:\WINDOWS\system32\samsrv.dll
2022-06-23 17:23:06 ----A---- C:\WINDOWS\SYSWOW64\msdt.exe
2022-06-23 17:23:06 ----A---- C:\WINDOWS\system32\msdt.exe
2022-06-23 17:23:05 ----A---- C:\WINDOWS\system32\localspl.dll
2022-06-23 17:23:05 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2022-06-23 17:23:04 ----A---- C:\WINDOWS\system32\kernel32.dll
2022-06-23 17:23:04 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2022-06-23 17:23:04 ----A---- C:\WINDOWS\system32\ci.dll
2022-06-23 17:23:03 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2022-06-23 17:23:03 ----A---- C:\WINDOWS\system32\puiobj.dll
2022-06-23 17:23:03 ----A---- C:\WINDOWS\system32\combase.dll
2022-06-23 17:23:02 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2022-06-23 17:23:02 ----A---- C:\WINDOWS\system32\twext.dll
2022-06-23 17:23:02 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys
2022-06-23 17:23:01 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2022-06-23 17:23:01 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2022-06-23 17:22:59 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2022-06-23 17:22:59 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2022-06-23 17:22:51 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2022-06-23 17:22:50 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2022-06-23 17:22:49 ----A---- C:\WINDOWS\system32\win32spl.dll
2022-06-23 17:22:49 ----A---- C:\WINDOWS\system32\rpcss.dll
2022-06-23 17:22:48 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2022-06-23 17:22:48 ----A---- C:\WINDOWS\system32\srvsvc.dll
2022-06-23 17:22:48 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2022-06-13 20:59:33 ----A---- C:\WINDOWS\system32\aswBoot.exe
2022-06-13 20:59:12 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys

======List of files/folders modified in the last 1 month======

2022-07-10 10:20:11 ----D---- C:\WINDOWS\system32\drivers\etc
2022-07-10 10:16:50 ----D---- C:\WINDOWS\Temp
2022-07-10 10:01:41 ----D---- C:\WINDOWS\tracing
2022-07-10 10:00:00 ----D---- C:\WINDOWS\system32\sru
2022-07-10 09:34:09 ----D---- C:\WINDOWS\Prefetch
2022-07-10 09:33:48 ----D---- C:\Program Files
2022-07-09 23:36:07 ----D---- C:\Program Files\CCleaner
2022-07-09 11:32:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2022-07-09 11:32:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-08 10:32:17 ----D---- C:\WINDOWS\Microsoft.NET
2022-07-08 09:42:56 ----D---- C:\WINDOWS\system32\Tasks
2022-07-08 00:13:51 ----SHD---- C:\System Volume Information
2022-07-07 17:11:22 ----SHD---- C:\WINDOWS\Installer
2022-07-07 17:09:39 ----D---- C:\WINDOWS\SysWOW64
2022-07-03 12:28:53 ----D---- C:\WINDOWS\Inf
2022-06-28 10:59:20 ----D---- C:\Windows
2022-06-28 02:05:15 ----D---- C:\WINDOWS\SoftwareDistribution
2022-06-27 15:50:13 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-27 15:44:07 ----RD---- C:\Program Files (x86)
2022-06-27 15:44:07 ----D---- C:\ProgramData\AVAST Software
2022-06-27 15:36:24 ----D---- C:\WINDOWS\debug
2022-06-26 15:57:30 ----D---- C:\WINDOWS\system32\config
2022-06-26 15:29:43 ----D---- C:\WINDOWS\WinSxS
2022-06-26 15:25:02 ----D---- C:\WINDOWS\system32\catroot2
2022-06-24 09:19:18 ----D---- C:\WINDOWS\rescache
2022-06-23 23:07:44 ----RD---- C:\WINDOWS\System32
2022-06-23 23:07:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-23 21:53:13 ----D---- C:\WINDOWS\system32\DriverStore
2022-06-23 21:38:33 ----RD---- C:\WINDOWS\ToastData
2022-06-23 21:38:28 ----D---- C:\WINDOWS\system32\drivers
2022-06-23 21:38:28 ----D---- C:\WINDOWS\system32\Boot
2022-06-23 21:38:23 ----D---- C:\WINDOWS\system32\CodeIntegrity
2022-06-23 18:41:48 ----D---- C:\WINDOWS\CbsTemp
2022-06-23 18:23:51 ----D---- C:\WINDOWS\system32\MRT
2022-06-23 18:14:18 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2022-06-13 38912]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2022-06-13 255136]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2022-06-13 102048]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2022-06-13 86120]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2022-06-22 321928]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2022-06-13 232648]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2022-06-22 382608]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2022-06-13 45072]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2022-06-13 271600]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2022-06-13 548968]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2022-06-13 111056]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2022-06-13 857488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2022-06-13 662160]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2022-06-13 218608]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-12-13 13207552]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-12-13 626176]
R3 athr;@oem6.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-04-16 3786752]
R3 AtiHDAudioService;@oem24.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2013-02-14 94208]
R3 BTATH_BUS;@oem7.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-05-16 34384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-03-05 3333576]
R3 RSP2STOR;@oem5.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-01-24 288328]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SynTP;@oem12.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-05-16 524016]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-11-30 80552]
S0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-11-30 26280]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-05-16 89800]
S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM; C:\WINDOWS\System32\Drivers\AthDfu.sys [2013-05-16 55448]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-05-16 347336]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-05-16 115912]
S3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-05-16 179432]
S3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-05-16 77464]
S3 BTATH_RCP;@oem17.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-05-16 136784]
S3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-08-04 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2021-07-13 1209856]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
S3 FcSerial;Fc Serial Port Driver; C:\WINDOWS\system32\DRIVERS\FcSerial.sys [2013-01-30 221568]
S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-05-08 29424]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2013-05-08 33008]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2022-02-15 39288]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-05-16 310912]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2022-06-13 576336]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2022-06-13 1995600]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2022-06-13 576336]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2021-06-02 56912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2022-02-15 39288]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-03-05 239176]
R2 VmbService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2013-03-25 8704]
R3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-18 169728]
R3 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2013-03-05 98208]
R3 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-12-13 239616]
R3 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-03-13 361984]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2022-06-13 8432776]
R3 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-08 224152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-02-15 39288]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-08 224152]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.37\elevation_service.exe [2022-06-22 1696696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-07-09 232824]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2022-02-15 39288]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2022-02-15 39288]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S4 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-16 2468496]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosba o kontrolu

#4 Příspěvek od Rudy »

RSIT je na nic, s tímto OS není plně kompatibilní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

heges
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 12 črc 2010 12:27

Re: Prosba o kontrolu

#5 Příspěvek od heges »

frst mi nejde uložit na plochu a tam spustit, i když minule to šlo. Nevedí když ho spustím ve složce kam se stáhnul a tam vygeneruji log?
Děkuji

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosba o kontrolu

#6 Příspěvek od Rudy »

Můžete použít jakoukoliv složku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

heges
Návštěvník
Návštěvník
Příspěvky: 55
Registrován: 12 črc 2010 12:27

Re: Prosba o kontrolu

#7 Příspěvek od heges »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022
Ran by HP (administrator) on HP-PC (Hewlett-Packard HP 255 G1 Notebook PC) (29-07-2022 13:16:15)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP
Platform: Microsoft Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ->) (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(C:\Program Files (x86)\OpenOffice 4\program\soffice.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Users\HP\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\HP\AppData\Local\Programs\Opera\85.0.4341.53\opera_crashreporter.exe
(explorer.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <20>
(Opera Software AS -> Opera Software) C:\Users\HP\AppData\Local\Programs\Opera\opera.exe <21>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213760 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [MobileBroadband] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [76288 2013-03-25] (Vodafone) [File not signed]
HKLM-x32\...\Run: [VmbNotifier] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [1861632 2013-03-25] (Vodafone) [File not signed]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [f.lux] => C:\Users\HP\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Run: [Opera Browser Assistant] => C:\Users\HP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {614469cd-68c8-11e7-befb-a0481cee89c1} - "F:\setup_vmb_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {6d2b009b-09d6-11e7-beef-a0481cee89c1} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Print\Monitors\HP BA11 Status Monitor: C:\WINDOWS\system32\hpinkstsBA11LM.dll [329576 2012-04-02] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [365568 2012-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10672.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-03-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-05-16] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0144D0B1-9961-48E1-B44B-1298EADBA879} - System32\Tasks\Microsoft\Windows\WCM\Provisioning\Purge.S-1-5-21-2394591222-3491014639-821066103-1002 => {217700E0-2005-11DF-ADB9-F4CE462D9137} C:\WINDOWS\System32\provcore.dll [873984 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {03EC3C2A-F5C2-4869-879B-9917758CCA2E} - System32\Tasks\Opera scheduled assistant Autoupdate 1646406258 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\HP\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {06255F53-D047-448E-A95F-15D3FFE03A82} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CF5DC0B-FF7B-4D71-AA7B-9E1C8C51C22C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {120E13F9-1D30-42B3-9F80-B0047C8FE3D0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {15DB5353-9048-43E8-8F01-9A24253E45E1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {2C579831-0D17-4538-A0E4-08D5E0293324} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [592288 2012-09-05] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {2ECA3CB2-7CC7-43B1-BED1-7D6F21FAD253} - System32\Tasks\CCleanerSkipUAC - HP => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {39D281EA-25FE-4EFE-BC24-CA6CFCC43FE7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4938496 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
Task: {3CBC70DF-ECD8-4150-A944-91C91E65224C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (No File)
Task: {4525E856-A8B8-40B6-A1B0-21F3C6658FBB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {63655949-580D-43F5-82B5-F85BC769C2F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {89923EB3-2372-4579-A26E-AC664E79D276} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {8F9F8AC1-8D13-4554-A358-D81E78509EB0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7018568 2013-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {C69FE8D5-E8E6-42AE-AE5C-9D609AFD6E4E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {DB5B72D7-27BF-4BD7-B89A-75FB81A2ECAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [525728 2012-09-27] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {F072362C-F90B-4898-BAB6-3488530AF910} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FF8F57FF-0A9E-4B57-B4D7-3511C6BE8F97} - System32\Tasks\Opera scheduled Autoupdate 1646406244 => C:\Users\HP\AppData\Local\Programs\Opera\launcher.exe [1868032 2022-04-04] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{41246C02-D05C-4C00-8E36-806A6E8594D6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B95C4867-9C22-4003-843B-5907C5EB1A29}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-25]

FireFox:
========
FF DefaultProfile: pv1qtyt4.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default [2022-07-29]
FF Extension: (Cookie AutoDelete) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2022-07-05]
FF Extension: (Decentraleyes) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2022-02-02]
FF Extension: (Privacy Badger) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (uBlock Origin) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pv1qtyt4.default\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2022-06-27]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-16]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-04]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18]
CHR Extension: (Vyhledávání Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-26]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-04]

Opera:
=======
OPR Profile: C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable [2022-07-29]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Avast Online Security & Privacy) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2022-07-26]
OPR Extension: (Rich Hints Agent) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-10]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-03-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-12-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2013-03-05] (Andrea Electronics -> Andrea Electronics Corporation)
S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-13] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8486968 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-16] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [590080 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2009344 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [589056 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-02-01] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2012-11-16] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 VmbService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [8704 2013-03-25] (Vodafone) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-16] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41832 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235584 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [385560 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258072 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104976 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274536 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113984 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89056 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [860416 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [668208 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221528 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324864 2022-07-13] (Avast Software s.r.o. -> AVAST Software)
S3 ATHDFU; C:\WINDOWS\System32\Drivers\AthDfu.sys [55448 2013-05-16] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 FcSerial; C:\WINDOWS\system32\DRIVERS\FcSerial.sys [221568 2013-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Flash Card.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [267264 2017-12-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-29 13:16 - 2022-07-29 13:22 - 000024064 _____ C:\Users\HP\Desktop\FRST.txt
2022-07-29 13:07 - 2022-07-29 13:07 - 002369536 _____ (Farbar) C:\Users\HP\Desktop\FRST64(1).exe
2022-07-13 01:20 - 2022-07-13 01:19 - 000221528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-07-13 01:20 - 2022-07-13 01:18 - 000270592 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-07-10 12:13 - 2022-07-10 12:24 - 000075516 _____ C:\Users\HP\Downloads\Addition.txt
2022-07-10 12:08 - 2022-07-10 12:24 - 000033219 _____ C:\Users\HP\Downloads\FRST.txt
2022-07-10 09:33 - 2022-07-10 10:20 - 000000000 ____D C:\rsit
2022-07-10 09:33 - 2022-07-10 10:20 - 000000000 ____D C:\Program Files\trend micro
2022-07-10 09:27 - 2022-07-10 09:27 - 002369024 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2022-07-10 09:23 - 2022-07-10 09:23 - 000000000 ___HD C:\$AV_ASW
2022-07-08 09:42 - 2022-07-16 18:17 - 000004240 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1646406258
2022-06-30 20:15 - 2022-06-30 20:16 - 186949401 _____ C:\Users\HP\Downloads\06_stare_dokumenty_komplet.zip
2022-06-30 17:03 - 2022-06-30 17:03 - 000000000 ____D C:\Users\HP\Desktop\koncept MPP
2022-06-30 16:57 - 2022-06-30 17:00 - 000000000 ____D C:\Users\HP\Downloads\05_koncept_oduvodneni_komplet
2022-06-30 16:56 - 2022-06-30 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-06-30 16:56 - 2022-06-30 16:56 - 000000000 ____D C:\Program Files\7-Zip
2022-06-30 16:55 - 2022-06-30 16:55 - 001569243 _____ (Igor Pavlov) C:\Users\HP\Downloads\7z2200-x64.exe
2022-06-30 16:30 - 2022-06-30 16:35 - 812668731 _____ C:\Users\HP\Downloads\05_koncept_oduvodneni_komplet.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-29 13:20 - 2022-06-27 16:00 - 000000000 ____D C:\FRST
2022-07-29 13:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\tracing
2022-07-29 13:15 - 2013-12-22 00:14 - 000000000 ____D C:\Program Files\CCleaner
2022-07-29 10:16 - 2016-11-16 17:38 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2022-07-26 23:26 - 2022-06-10 21:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-07-26 10:56 - 2018-04-04 20:04 - 000000000 ____D C:\Users\HP\AppData\Local\AVAST Software
2022-07-26 10:41 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-07-26 10:33 - 2017-03-14 11:09 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-07-26 10:32 - 2013-12-12 15:11 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2394591222-3491014639-821066103-1002
2022-07-26 10:22 - 2014-07-01 20:47 - 000000000 __RDO C:\Users\HP\OneDrive
2022-07-25 13:28 - 2020-07-08 22:44 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-18 10:33 - 2013-12-12 15:01 - 000000000 ____D C:\Users\HP\AppData\Roaming\vlc
2022-07-17 21:51 - 2014-03-18 17:33 - 001928160 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-17 21:51 - 2014-03-18 16:54 - 000796792 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-17 21:51 - 2014-03-18 16:54 - 000180910 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-17 21:51 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2022-07-16 18:17 - 2022-03-04 17:04 - 000004012 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1646406244
2022-07-16 18:17 - 2022-02-12 09:32 - 000002796 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - HP
2022-07-16 18:17 - 2020-07-08 22:43 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-16 18:17 - 2020-07-08 22:43 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-16 18:17 - 2018-03-29 00:11 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-07-16 18:17 - 2015-12-03 22:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-07-16 18:17 - 2013-09-16 17:31 - 000003148 _____ C:\WINDOWS\system32\Tasks\MirageAgent
2022-07-16 18:17 - 2013-09-16 17:10 - 000002990 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2022-07-16 18:17 - 2013-09-16 17:09 - 000003134 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-07-15 13:28 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-15 13:04 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2022-07-15 12:12 - 2013-12-12 14:41 - 000000000 ____D C:\ProgramData\AVAST Software
2022-07-15 12:11 - 2013-12-15 18:03 - 000065536 _____ C:\WINDOWS\system32\Ikeext.etl
2022-07-15 12:11 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-15 12:10 - 2013-08-22 16:44 - 000414064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-15 12:04 - 2013-12-21 23:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-15 12:04 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2022-07-15 11:57 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2022-07-15 11:57 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-07-15 11:57 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-07-13 12:33 - 2013-12-10 12:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 12:21 - 2013-12-10 12:37 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 01:19 - 2020-10-18 18:46 - 000274536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-07-13 01:19 - 2020-04-16 08:09 - 000553928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-07-13 01:19 - 2019-01-07 15:21 - 000258072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-07-13 01:19 - 2019-01-07 15:21 - 000104976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-07-13 01:19 - 2018-10-24 08:54 - 000047976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-07-13 01:19 - 2013-12-12 14:55 - 000668208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-07-13 01:19 - 2013-12-12 14:55 - 000324864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-07-13 01:19 - 2013-12-12 14:55 - 000113984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-07-13 01:19 - 2013-12-12 14:55 - 000089056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-07-13 01:18 - 2019-01-14 17:13 - 000385560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-07-13 01:18 - 2019-01-07 15:21 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-07-13 01:18 - 2017-11-18 00:35 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-07-13 01:18 - 2013-12-12 14:55 - 000860416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-07-10 00:22 - 2013-12-31 12:16 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2022-07-09 11:32 - 2021-10-12 08:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-09 11:32 - 2013-12-21 23:43 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2017-02-07 12:14 - 2017-02-07 12:14 - 000003584 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{44887074-48D8-4A95-9DFD-0DAB5AB4C18C}
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{892A7CFD-D745-4A48-8768-EFF8976A26D8}
2019-10-06 22:19 - 2019-10-06 22:19 - 000000000 _____ () C:\Users\HP\AppData\Local\{8C1183CA-CCAC-4E2E-A4AF-11EDC5B4C215}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-07-29 12:48
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022
Ran by HP (29-07-2022 13:28:29)
Running from C:\Users\HP\Desktop
Microsoft Windows 8.1 (Update) (X64) (2014-05-03 09:11:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2394591222-3491014639-821066103-500 - Administrator - Disabled)
Guest (S-1-5-21-2394591222-3491014639-821066103-501 - Limited - Disabled)
HP (S-1-5-21-2394591222-3491014639-821066103-1002 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.00 (x64) (HKLM\...\7-Zip) (Version: 22.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{CB4C08E3-800F-65F6-9C00-06814A6B7CE7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Catalyst Control Center - Branding (HKLM-x32\...\{EEEDA52B-3C42-4BD7-BE42-FDB596EAFCEF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
f.lux (HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Flux) (Version: - f.lux Software LLC)
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{07FA4960-B038-49EB-891B-9F95930AA544}) (Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{8C1ADF61-4F87-44BC-804C-C20FC70D98BB}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Postscript Converter (HKLM\...\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}) (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (HKLM-x32\...\{1AE37508-089E-41AC-95BD-99FF06887C2F}) (Version: 9.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{B2F0406F-1609-489A-8626-7DB46776AB57}) (Version: 1.0.5 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
ISOS 7.2.5.0 (Externí síť, XP,Vista,Win7) (HKLM-x32\...\ISOS_is1) (Version: - Kooperativa)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0.1 (x64 cs)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 102.0.1.8221 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Název společnosti:)
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Opera Stable 85.0.4341.53 (HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\Opera 85.0.4341.53) (Version: 85.0.4341.53 - Opera Software)
Photo Common (HKLM-x32\...\{49110532-D289-4BFF-807C-45B782E66A7C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C67BC332-A59A-4D40-977F-664F60AB21D8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EB91007A-0110-42A6-B869-2709955A9B2A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{30F99474-EBE3-4134-A02B-F6CD38CFE243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{63824BC0-B747-43F3-9863-1066D64AD919}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Poradce - MAKFAC,SLS,MBI, verze 1.46/1 (HKLM-x32\...\Hledik - Poradce - MAKFAC,SLS,MBI) (Version: 1.46/1 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.)
Skype verze 8.69 (HKLM-x32\...\Skype_is1) (Version: 8.69 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{0454BB9A-2A7A-4214-BDFF-937F7A711A44}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{FE7C0B3D-50B9-4951-BE78-A321CBF86552}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{4CCBD1F4-CEEC-452A-9CB8-46564B501315}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{56232E3D-7EA9-45E0-A371-26CD80510AF7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F981B-401C-4D90-BC57-D8903564D558}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\ZoomUMX) (Version: 5.3.1 (52879.0927) - Zoom Video Communications, Inc.)

Packages:
=========
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2014-11-28] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-15] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-28] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_1.1.6.472_neutral__cx08jceyq9bcp [2017-12-09] (Vodafone Group Services)
Výběr prohlížeče -> C:\WINDOWS\BrowserChoice [2014-05-06] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2014-05-04] (CYBERLINKCOM CORP)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-03] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2394591222-3491014639-821066103-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21209.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2394591222-3491014639-821066103-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> [CC]{B8952421-0E55-400B-94A6-FA858FC0A39F} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> [CC]{AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-03-13] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-07-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-05-16 02:46 - 2013-05-16 02:46 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-16 02:43 - 2013-05-16 02:43 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001010688 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000178176 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2013-03-18 11:06 - 2013-03-18 11:06 - 000040960 _____ () [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Interop.MbnApi.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000119808 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\002d149f27088bbe17bc4e7f1f1d751b\Interop.Shell32.ni.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000164352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\apr-util.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000297472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\avmedia.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001143808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\basegfx.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000596992 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\bootstrap.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001175552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\comphelpMSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000487936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\configmgr.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000238080 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppu3.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000587776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppuhelper3MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 003026944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dbtools.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000652800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deployment.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000353792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentgui.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000151040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentmisc.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000126464 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dnd.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000887296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\drawinglayer.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001580544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\editeng.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000160768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\emser.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000046592 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\evtatt.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000051712 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fileacc.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000226304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\filterconfig1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001814528 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\frm.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000091648 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fsstorage.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000055808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ftransl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000485888 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwe.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000210432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwi.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 002193920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwk.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000313344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000187392 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\helplinker.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000070656 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\hyphen.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nisolang1MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npaper.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001333760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npool.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000067072 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nutilMSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000136192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\introspection.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmaccess3MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmfwk3.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000134144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libapr-1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000099840 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\librdf.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001257472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lng.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000068608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lnth.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localebe1.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000104448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_en.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000718848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_euro.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000038912 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\mcnttype.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000083456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msci_uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000812032 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msfilter.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001449472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msword.DLL
2018-10-24 03:50 - 2018-10-24 03:50 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\oleautobridge.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000008704 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\onlinecheck.DLL
2018-10-24 03:50 - 2018-10-24 03:50 - 002456064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ootk.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000368640 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\package2.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000097280 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\passwordcontainer.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000028160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\proxyfac.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000286720 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\raptor.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000156160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\rasqal.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000121344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reflection.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reg3.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001792512 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sal3.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\salhelper3MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000093184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000168448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 002291200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sb.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000082944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\serf.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 003658240 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sfx.dll
2018-10-24 04:43 - 2018-10-24 04:43 - 011045376 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
2018-10-24 03:50 - 2018-10-24 03:50 - 000290304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sofficeapp.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000279040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sot.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000183296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spell.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000205824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000096768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\stocservices.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000053760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\store3.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000901120 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 003373056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svt.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 003235328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svx.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 006034432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svxcore.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 009289216 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sw.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\swd.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000117760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sysdtrans.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000620544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\tl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000231936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucb1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000388608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucbhelper4MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000412160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpdav1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpexpand1.uno.dll
2018-10-23 15:51 - 2018-10-23 15:51 - 000309248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpfile1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpchelp1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000162816 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucppkg1.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000234496 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucptdoc1.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000167424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\unordf.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000367616 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\unoxml.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000053248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updatefeed.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000186880 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updchk.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001104384 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\utl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000254976 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uui.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000085504 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uwinapi.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 004172800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vcl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000099328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vos3MSC.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000028672 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\wininetbe1.uno.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000791040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xcr.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000045056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xmlreader.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 003469312 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xo.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000396288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xstor.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icudt40.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001072128 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuin40.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000951808 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuuc40.dll
2022-06-30 16:56 - 2022-06-15 15:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-05-16 03:15 - 2013-05-16 03:15 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2013-05-16 03:16 - 2013-05-16 03:16 - 000203392 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2013-05-16 03:16 - 2013-05-16 03:16 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2013-05-16 03:17 - 2013-05-16 03:17 - 000126592 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2013-05-16 03:17 - 2013-05-16 03:17 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2013-05-16 03:18 - 2013-05-16 03:18 - 000034432 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2013-05-16 03:21 - 2013-05-16 03:21 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2013-05-16 03:22 - 2013-05-16 03:22 - 001067648 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutlookLib.dll
2013-05-16 03:25 - 2013-05-16 03:25 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2013-05-16 03:25 - 2013-05-16 03:25 - 000114816 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2013-05-16 02:45 - 2013-05-16 02:45 - 000194560 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2013-05-16 02:43 - 2013-05-16 02:43 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2013-05-16 02:43 - 2013-05-16 02:43 - 000035840 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2013-05-16 02:45 - 2013-05-16 02:45 - 000421376 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000095232 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2013-05-16 02:39 - 2013-05-16 02:39 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2013-05-16 02:43 - 2013-05-16 02:43 - 000029696 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000091136 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2013-05-16 02:44 - 2013-05-16 02:44 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2013-05-16 02:46 - 2013-05-16 02:46 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2013-05-16 02:45 - 2013-05-16 02:45 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2013-05-16 02:44 - 2013-05-16 02:44 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000355840 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libcurl.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 001020928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\LIBEAY32.dll
2018-10-24 03:50 - 2018-10-24 03:50 - 000218624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\SSLEAY32.dll
2013-03-25 09:12 - 2013-03-25 09:12 - 000151552 _____ (Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.Base.Win32.dll
2013-03-25 09:12 - 2013-03-25 09:12 - 000080384 _____ (Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.NtService.Core.dll
2022-05-14 17:14 - 2022-05-14 17:14 - 000193536 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\d3b54193f10f5b2be2930a50eb47ff2d\Vodafone.Base.Contracts.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000046592 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\9b963ea93c2c20da9c5a175d7301b665\Vodafone.Base.Factory.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000618496 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\215d3a607a5741def66ab26ecc332fbd\Vodafone.Base.Internals.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000015360 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\c955488e23b266fe013d1752daa22192\Vodafone.Base.Interfaces.ni.dll
2022-05-14 17:16 - 2022-05-14 17:16 - 000382976 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\efd254e0e1af7e05ad4824a74b5b1c7f\Vodafone.Base.Win32.ni.dll
2022-05-14 17:16 - 2022-05-14 17:16 - 000119296 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\72264c1af807bd2b8a4f05cced48d399\Vodafone.Common.ni.dll
2022-05-14 17:14 - 2022-05-14 17:14 - 000655872 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\a0f6936ba71d2a750e9c2ce8fc0ab3de\Vodafone.Data.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000372736 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\df2f53d4e93f424478a6046270e4d453\Vodafone.DataAccessor.ni.dll
2022-05-14 17:16 - 2022-05-14 17:16 - 000105472 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\28224fb748f0252030e30b614e878b59\Vodafone.DeviceAccess.Contracts.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000018944 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\4c59b441b3d73b94355f65259d3087d1\Vodafone.DeviceAccess.Interfaces.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000135168 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\9581c159a4fd8de17d03a3708f3da2ff\Vodafone.DeviceAccess.Factory.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000343040 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\fceddfa02e3941713fa8dfdfa4516ec2\Vodafone.DeviceAccess.Internals.ni.dll
2022-05-14 17:14 - 2022-05-14 17:14 - 000100864 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\a051d727fe6e1afc0cb9d062d703c3ca\Vodafone.LogEngine.ni.dll
2022-05-14 17:14 - 2022-05-14 17:14 - 000019968 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\72d4cfb07919fc54a208aec8b6f8b7c8\Vodafone.MobileBroadband.CallbackHandler.ni.dll
2022-05-14 17:16 - 2022-05-14 17:16 - 000167936 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Mondrian\88dd8b02b485ab003c9303c0670cb2d6\Vodafone.Mondrian.ni.dll
2022-05-14 17:16 - 2022-05-14 17:16 - 001545216 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\c9b1c6b476a3ed1f4a470dd68a4880a4\Vodafone.Platform.ni.dll
2022-05-14 17:18 - 2022-05-14 17:18 - 000080896 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\bf29835bdfc8f4268dd813f16fb2bd95\Vodafone.SmsProfileManager.ni.dll
2022-05-14 17:14 - 2022-05-14 17:14 - 000083456 _____ (Vodafone) [File not signed] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.VmbApi.Con#\46b5608b818db8f3b2cb68d21b227121\Vodafone.VmbApi.Contracts.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/?rlz=1W4CHBA_csCZ566
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {83E408D0-4783-4928-ADEC-A7ADE06C1DC7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM -> {893353D1-5E46-4B44-B579-E3D0D7FA554D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {83E408D0-4783-4928-ADEC-A7ADE06C1DC7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {893353D1-5E46-4B44-B579-E3D0D7FA554D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2394591222-3491014639-821066103-1002 -> {83E408D0-4783-4928-ADEC-A7ADE06C1DC7} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2394591222-3491014639-821066103-1002 -> {893353D1-5E46-4B44-B579-E3D0D7FA554D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard Company -> Hewlett-Packard)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2022-07-10 10:20 - 000000848 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2394591222-3491014639-821066103-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\Pictures\Kru\Kiko 18\114_8639.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "MobileBroadband"
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E3E37FAA-F9DC-4560-9BAF-71E66C9F2262}] => (Allow) LPort=1900
FirewallRules: [{5A2CCC51-E962-4135-A34C-0469A99F548C}] => (Allow) LPort=2869
FirewallRules: [{2EE2C600-C2C5-4C70-9BA5-44DFCF83AED9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F8DCB03-2B79-4951-9A5C-47DDB66ECF70}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{75CDE16E-BF00-440B-A148-9EF9C75E055D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{122D09F9-BCE5-47A6-B812-B06908A0A5B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2AFF74F9-4009-48E5-B664-8317912D7C45}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{05973510-FF7A-4CBE-8651-6844AB1F211D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN) [File not signed]
FirewallRules: [UDP Query User{C138C426-9A59-46DE-A861-9672BB5FA7C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN) [File not signed]
FirewallRules: [{F943B31D-1E19-494C-BEB2-2D733E7FCE46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B918F3A2-9738-44EA-A80A-280EF939A9DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6A83BEB0-6972-4359-8A5F-5E0C0378BFC7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{E433FFD0-EBA2-46EC-A245-4C4290165D31}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{7D9D1076-3467-4553-AD59-7871EADA4D53}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{897ADF30-3E3B-4B2D-81F0-6BC53E7A2663}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{1CE3CFA7-897C-41CA-AC5D-1E8B1702F5EC}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{8F51C8A2-CCD8-426F-AC11-1975C997E22B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{27C81285-5A82-4776-93B7-FFC3FB95EAA5}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{9917E509-48ED-45D0-A34C-1012AAC77EC8}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{929512ED-83F8-42BD-B89D-F4575467317A}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{86542484-D86E-4FA6-921D-8FFF96A264FD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{13F6A2CB-A64F-4F6D-BE55-C6CE2014A388}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B181A334-F640-4A3E-8258-350F49CDD83E}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A88350FB-65FF-4C4D-BA90-BB546D763E35}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Block) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [UDP Query User{7E713AFF-E714-4E10-976F-7EDCC397A2C8}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Block) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{55E06DC6-7875-47D0-8552-1583B5519889}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{19A3DC93-6F8C-4AFB-8793-BF36E98E8E17}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3EF0BF19-BE0F-4193-B5AA-0E2A078CF1E6}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7595B275-CE67-4B68-9088-C3EB053A6E2B}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F9C01804-BB46-444C-8260-52CE68FDC41F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{06D1E569-B8A4-43B7-AC96-685B1B83D075}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B65B3279-EF64-4134-A86C-F3939FDC9414}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ED25F8A9-387D-489A-A939-D5AFB1D516E4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DD889E8E-3DFE-4A27-9A5C-6A8D7F08124F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3F9F17FE-38E8-4E6A-8051-DE0C147347E8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{75DDC917-1388-4E27-B9BE-D90FCB58D3C4}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{13A6F7BA-0DF7-4D41-98B1-8C608893729D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F0FEBCEE-41EF-4EE7-AC1D-ADC6D2F107C6}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A1FD0D6D-5EBD-4A0D-AAD8-083829B16968}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{21ECD968-4640-418B-A964-A53647D0E9D6}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FECDFA72-8C56-4208-B3C7-D3E87F91BFA9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3873A5ED-F43F-475A-856F-2F95558637D9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{554DDFE0-3398-4635-A7F4-A61C89FC585A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{635B5BDC-BC70-4A90-976A-04FC7747EF1F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D0742006-F24F-48E1-8909-22857F972A16}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2B41326F-FA2C-4FED-8504-FC911F4B76F0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{181714DF-69E0-45E4-A7F3-3925183A72A7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

11-07-2022 22:40:44 Naplánovaný kontrolní bod
15-07-2022 13:22:51 Windows Update
26-07-2022 10:33:05 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Neznámé zařízení USB (neplatný popisovač zařízení)
Description: Neznámé zařízení USB (neplatný popisovač zařízení)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/29/2022 12:45:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2a44

Čas spuštění: 01d8a3379e5f38da

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: 928cb043-0f2b-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku: VodafoneGroupServices.VodafoneMobileBroadband_1.1.6.472_neutral__cx08jceyq9bcp

ID aplikace související s chybujícím balíčkem: vodafone.group.mbb

Error: (07/29/2022 10:11:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-PC)
Description: Aplikaci VodafoneGroupServices.VodafoneMobileBroadband_cx08jceyq9bcp!vodafone.group.mbb se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/29/2022 10:11:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-PC)
Description: Aplikaci VodafoneGroupServices.VodafoneMobileBroadband_cx08jceyq9bcp!vodafone.group.mbb se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/29/2022 12:01:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1358

Čas spuštění: 01d8a2ccea5b5f58

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: dddc4362-0ec0-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku: VodafoneGroupServices.VodafoneMobileBroadband_1.1.6.472_neutral__cx08jceyq9bcp

ID aplikace související s chybujícím balíčkem: vodafone.group.mbb

Error: (07/29/2022 12:01:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 20d8

Čas spuštění: 01d8a20301dba12e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: bd937ed3-0ec0-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/25/2022 01:00:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.22013 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e78

Čas spuštění: 01d8a014497480a2

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: f5a53844-0c08-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/25/2022 12:58:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 102.0.1.8221 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: f28

Čas spuštění: 01d8a014c20d8230

Čas ukončení: 148

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: bdfa27c4-0c08-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/25/2022 12:57:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 4c8

Čas spuštění: 01d8a014a5c03a81

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: 9c527f5c-0c08-11ed-8026-a0481cee89c1

Úplný název chybujícího balíčku: VodafoneGroupServices.VodafoneMobileBroadband_1.1.6.472_neutral__cx08jceyq9bcp

ID aplikace související s chybujícím balíčkem: vodafone.group.mbb


System errors:
=============
Error: (07/29/2022 01:38:42 PM) (Source: DCOM) (EventID: 10010) (User: HP-PC)
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/29/2022 01:36:42 PM) (Source: DCOM) (EventID: 10010) (User: HP-PC)
Description: Server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/29/2022 10:16:57 AM) (Source: DCOM) (EventID: 10016) (User: HP-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli HP-PC\HP (SID: S-1-5-21-2394591222-3491014639-821066103-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací VodafoneGroupServices.VodafoneMobileBroadband_1.1.6.472_neutral__cx08jceyq9bcp – SID (S-1-15-2-1305384512-1191984967-2616396577-1885267767-665475324-2053634176-2749423153). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/29/2022 10:12:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (07/29/2022 12:16:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.371.986.0).

Error: (07/29/2022 12:16:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 40

Error: (07/29/2022 12:16:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (07/28/2022 11:56:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2015-07-22 11:42:30.580
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16C582F4-9897-4826-A4B3-83C96EADB822}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-04-29 21:29:26.638
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D51618C2-9E7D-40A2-A901-030483202CD5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-04-29 21:11:03.497
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B339D682-8B89-480E-B960-F6780F3CEEC4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-04-29 15:23:51.434
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {59C419EE-8171-4F10-A223-C997BF651BFA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2015-04-29 14:23:40.614
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {21346E63-5929-475E-8150-BD66A12270B2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2014-11-21 22:31:30.612
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.177.2118.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.10701.0
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

Date: 2014-11-21 22:31:27.747
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.189.453.0
Předchozí verze podpisu: 1.177.2118.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.10701.0
Předchozí verze modulu: 1.1.10701.0
Kód chyby: 0x80070666
Popis chyby :Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2014-11-21 22:31:27.742
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.189.453.0
Předchozí verze podpisu: 1.177.2118.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.10701.0
Předchozí verze modulu: 1.1.10701.0
Kód chyby: 0x80070666
Popis chyby :Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2014-07-09 21:59:20.005
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2014-07-09 21:56:56.298
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

==================== Memory info ===========================

BIOS: Insyde F.37 06/26/2013
Motherboard: Hewlett-Packard 188B
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 76%
Total physical RAM: 3682.26 MB
Available physical RAM: 861.71 MB
Total Virtual: 8546.26 MB
Available Virtual: 2153.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:448.41 GB) (Free:101.95 GB) (Model: ST500LT012-9WS14 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.15 GB) (Free:2 GB) (Model: ST500LT012-9WS14 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{01e031f0-d493-4ce6-bec7-7fca3e081ea7}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{1c4bf91d-1333-4957-b8f3-9109d55a8810}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1E1F4777)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosba o kontrolu

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {614469cd-68c8-11e7-befb-a0481cee89c1} - "F:\setup_vmb_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\...\MountPoints2: {6d2b009b-09d6-11e7-beef-a0481cee89c1} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0CF5DC0B-FF7B-4D71-AA7B-9E1C8C51C22C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {3CBC70DF-ECD8-4150-A944-91C91E65224C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ContextMenuHandlers1: [Atheros] -> [CC]{B8952421-0E55-400B-94A6-FA858FC0A39F} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [FTShellContext] -> [CC]{AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2394591222-3491014639-821066103-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět