Podezření na nekalé živly v PC
Napsal: 18 lis 2022 20:54
Notebook se občas podivně zpomaluje a tvrdí, že má CPU na 100 procent vytížen, i když nic nedělám.
Jindy zase odmítá zobrazit obyčejný fotky v JPG pro nedodatek paměti, ačkoli je ještě 1 GB RAM volných.
Apod.
Prosím o kontrolu.
------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by fbart (administrator) on DESKTOP-1NAN9QR (HP HP ProBook 450 G4) (18-11-2022 20:46:42)
Running from D:\SOFTWARE\FRST
Loaded Profiles: fbart
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Czech (Czech Republic) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mfpmp.exe <13>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\92.0.4561.43\opera_crashreporter.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\totalcmd\TOTALCMD64.EXE ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReader.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <6>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Lingea s.r.o. -> Lingea s.r.o.) C:\Program Files (x86)\Lingea\Lexicon7\Lexicon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <55>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <47>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <19>
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(services.exe ->) (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WhatsApp LLC -> WhatsApp) C:\Users\fbart\AppData\Local\WhatsApp\app-2.2242.6\WhatsApp.exe <7>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212184 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-07-23] (Adobe Inc. -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6206360 2021-03-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4095184 2021-08-11] (Opera Software AS -> Opera Software)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\fbart\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [Titan Backup] => C:\Program Files (x86)\Titan Backup\Launcher.exe [142784 2008-12-18] (Neobyte Solutions SRL -> Neobyte Solutions)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\fbart\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-04] (WhatsApp LLC -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [AvastBrowserAutoLaunch_A606C3A23F722394777472C3610F9B5A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [MicrosoftEdgeAutoLaunch_CBC3A2C48DD08E53B4E467E37B52CD84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\windows\system32\dopdfmn7.dll [25920 2016-12-29] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\windows\system32\zlhp1020.dll [192512 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\windows\system32\novamn10.dll [18944 2020-04-01] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\Installer\chrmstp.exe [2022-11-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2019-06-24]
ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01CB174C-AD1B-445F-A476-37D66715FBDC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0315D22F-55A8-4872-B593-CBA6743545C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {15F9F943-91F3-431B-A068-68EF69CFC841} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1A0E7D9A-2E5D-49C7-A1B9-997A203B84D5} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-04-01] (Softland SRL -> )
Task: {1B10606B-7AFC-408A-9FC6-8088E57FCC9A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582720617 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {1CC38B53-A328-4DB6-AEEB-82D4015A1931} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-23] (Adobe Inc. -> Adobe Inc.)
Task: {2364088E-19F8-4F7A-8A88-80C74475F615} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (No File)
Task: {338E88A2-EDFB-4A81-98EA-CBAD8E7F6728} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {468B8D09-A923-4767-A43B-646993EA1D39} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {493ED88C-79E7-4817-9B2A-FE032ABEB371} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {57F6E83D-22DD-4341-8377-BFB390D07DF8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d69b8913-fbe2-4c6b-8e6b-b8083f51231d" --version "6.04.10044" --silent
Task: {5EF6B28E-1257-4EE4-874B-7480E5A9F6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4936920 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
Task: {6E63C272-93D0-4442-908D-4D969E42433F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F} - System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {7C3AB1B9-ACF7-4703-89E5-D5CA83859B6C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {91FB28D7-3A7F-47BA-9981-D86E369B45B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {93E3645D-9929-4696-B45E-6727B7D982D3} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94333FE9-C5A2-412C-B30A-BFC66C47FF8E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {98A0AFCD-BB66-4C41-B5EE-F58EC42B9728} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {9BF8FCA5-10F7-470D-B2A8-275CC647D078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D} - System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {BD0EB86B-ADC0-476E-854A-748D90D679C8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {BD5A8FA8-06EA-446B-A5F8-180A99237DD3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {C0C70F2E-A974-4FF8-95A4-661E8091DA9C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C11EB089-78EE-48DE-9BA7-359A83745372} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF19A4FD-9F6B-452F-A8CB-CD00FB33FBF4} - System32\Tasks\Opera scheduled Autoupdate 1487236436 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software)
Task: {E4043D11-6B42-41B7-A790-963B06103110} - System32\Tasks\CCleanerSkipUAC - fbart => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7302411-1508-44D7-8596-AC3C28BC26CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a41f277-0fa9-4555-953f-aa9788cd4df8}: [NameServer] 156.154.70.22,156.154.71.22
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fbart\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-18]
Edge Session Restore: Default -> is enabled.
FireFox:
========
FF DefaultProfile: xs1zf06h.default-1602174025168
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 [2022-11-18]
FF Session Restore: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> hxxps://app.slack.com
FF Extension: (Facebook Container) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\@contain-facebook.xpi [2022-11-03]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (LexFox) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\info@lingea.com.xpi [2021-08-17] [UpdateUrl:hxxps://www.lingea.eu/updates/lexfox/update.json]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\langpack-de@firefox.mozilla.org.xpi [2022-11-04]
FF Extension: (Photon Colors) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2021-07-31]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2022-07-14]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fbart\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
Opera:
=======
OPR Profile: C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable [2022-11-18]
OPR Notifications: Opera Stable -> hxxps://drive.google.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-09]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]
OPR Extension: (Opera Wallet) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12952232 2021-03-23] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-23] (Adobe Inc. -> Adobe Inc.)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2021-08-01] (Acronis International GmbH -> )
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8539152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\elevation_service.exe [2047016 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2259720 2022-08-04] (Comodo Security Solutions -> Comodo)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 gupdate1d62962e9ffe133; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
S3 gupdatem1d62962ea02435c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe [1556592 2022-06-14] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe [602224 2022-06-14] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 MEmuSVC; D:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4878840 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2136488 2021-03-23] (Acronis International GmbH -> )
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-04-01] (Softland SRL -> Microsoft)
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7398360 2021-03-23] (Acronis International GmbH -> )
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-03-23] (Bitdefender SRL -> Bitdefender)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [720392 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [15816 2021-03-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-18 18:52 - 2022-11-18 18:52 - 000801369 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 5.pdf
2022-11-16 23:04 - 2022-11-16 23:04 - 000011687 _____ C:\Users\fbart\Downloads\download.pdf
2022-11-16 21:42 - 2022-11-16 21:42 - 007639009 _____ C:\Users\fbart\Downloads\_Michael_Vince---Advanced-Language-Practice-With-Key.pdf
2022-11-16 17:11 - 2022-11-16 17:11 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB-1.pdf
2022-11-13 11:32 - 2022-11-13 11:33 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB.pdf
2022-11-12 23:16 - 2022-11-12 23:17 - 000172311 _____ C:\Users\fbart\Downloads\jak_jsi_krasne_zboží.pdf
2022-11-12 23:16 - 2022-11-12 23:16 - 000161720 _____ C:\Users\fbart\Downloads\Půjdem spolu nakupovat.pdf
2022-11-12 23:15 - 2022-11-12 23:16 - 000122513 _____ C:\Users\fbart\Downloads\Vondráši, Matóši.pdf
2022-11-12 23:13 - 2022-11-12 23:19 - 000100764 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán-1.pdf
2022-11-12 23:13 - 2022-11-12 23:13 - 000110730 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán.pdf
2022-11-12 22:58 - 2022-11-12 22:58 - 000502644 _____ C:\Users\fbart\Downloads\Adeste fideles.pdf
2022-11-11 11:10 - 2022-11-11 11:10 - 002830489 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024.pdf
2022-11-11 10:01 - 2022-11-11 10:01 - 000596569 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou OB 2024.pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni-1(1).pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000000000 _____ C:\Users\fbart\Downloads\Oznameni-1.pdf
2022-11-10 09:50 - 2022-11-10 09:50 - 001649499 _____ C:\Users\fbart\Downloads\nahled-EK0136.pdf
2022-11-10 09:30 - 2022-11-10 09:31 - 000166924 _____ C:\Users\fbart\Downloads\data-sheet-wd-blue-pc-hard-drives-2879-771436.pdf
2022-11-09 18:17 - 2022-11-09 18:17 - 000166564 _____ C:\Users\fbart\Downloads\Faktura 202211091 - Zdenek_Kubes - F_Bartak.pdf
2022-11-09 18:15 - 2022-11-09 18:15 - 000166567 _____ C:\Users\fbart\Downloads\Faktura 202206211 - Zdenek_Kubes - F_Bartak.pdf
2022-11-08 19:50 - 2022-11-08 19:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni.pdf
2022-11-07 23:52 - 2022-11-07 23:52 - 000010458 _____ C:\Users\fbart\Downloads\Zálohový list.pdf
2022-11-07 15:57 - 2022-11-07 15:57 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-11-07 10:35 - 2022-11-07 10:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-06 11:16 - 2022-11-06 11:16 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-06 11:16 - 2022-11-06 11:16 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-04 18:11 - 2022-11-04 18:11 - 000068690 _____ C:\Users\fbart\Downloads\Vodafone Vyúčtování číslo 867892859.pdf
2022-11-01 18:28 - 2022-11-01 18:28 - 000984244 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 3.pdf
2022-11-01 09:24 - 2022-11-01 09:24 - 003591196 _____ C:\Users\fbart\Downloads\31-tipu-nj-pdf.pdf
2022-10-29 22:37 - 2022-10-29 22:37 - 004905648 _____ C:\Users\fbart\Downloads\bidnici.pdf
2022-10-26 17:34 - 2022-10-26 17:34 - 000180970 _____ C:\Users\fbart\Downloads\Hove_07_SchweizerHochdeutsch.pdf
2022-10-26 16:42 - 2022-10-26 16:42 - 000068886 _____ C:\Users\fbart\Downloads\Faktura vydaná_FV22156313-2.pdf
2022-10-26 16:39 - 2022-10-26 16:39 - 000201943 _____ C:\Users\fbart\Downloads\Objednavka_OBJ20179416-1.pdf
2022-10-25 15:15 - 2022-10-25 15:15 - 003704310 _____ C:\Users\fbart\Downloads\MFP_2022_3_web.pdf
2022-10-25 15:11 - 2022-10-25 15:11 - 006524960 _____ C:\Users\fbart\Downloads\MFP_2022_2_web.pdf
2022-10-25 15:09 - 2022-10-25 15:09 - 003580989 _____ C:\Users\fbart\Downloads\MFP_2022_1.pdf
2022-10-22 22:10 - 2022-10-22 22:10 - 013655207 _____ C:\Users\fbart\Downloads\Lord of the Rings Collection.pdf
2022-10-22 22:07 - 2022-10-22 22:07 - 000015715 _____ C:\Users\fbart\Downloads\prendreRDVImpressionPDF.pdf
2022-10-20 10:33 - 2022-10-20 10:33 - 000245198 _____ C:\Users\fbart\Downloads\a1-ubungen-in-deutscher-grammatik-fur-anfanger.pdf
2022-10-19 22:19 - 2022-10-19 22:19 - 000002285 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000865800 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000687624 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001607656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001536520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001182728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001059312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 010269704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 008803848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 005362696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 003066888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001734664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001494000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:23 - 006367416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-19 19:10 - 2022-10-19 19:10 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-19 19:10 - 2022-10-19 19:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-19 18:52 - 2022-10-19 18:52 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-18 20:47 - 2017-12-01 22:30 - 000000000 ____D C:\FRST
2022-11-18 20:38 - 2021-12-12 12:56 - 000000000 ____D C:\Users\fbart\AppData\Roaming\WhatsApp
2022-11-18 20:31 - 2020-05-13 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-18 20:29 - 2021-05-19 13:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-18 20:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-18 19:03 - 2022-10-05 12:57 - 000002878 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-18 19:03 - 2022-10-05 12:57 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-18 19:03 - 2022-08-30 09:26 - 000003424 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}
2022-11-18 19:03 - 2022-07-18 15:04 - 000003200 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}
2022-11-18 19:03 - 2021-12-15 21:57 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - fbart
2022-11-18 19:03 - 2021-11-21 20:18 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2022-11-18 19:03 - 2021-05-19 13:55 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-18 19:03 - 2021-05-19 13:55 - 000003306 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1487236436
2022-11-18 19:03 - 2021-05-19 13:55 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-18 19:03 - 2021-05-19 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-11-18 19:03 - 2019-11-17 10:37 - 000000000 ____D C:\Users\fbart\Documents\Zoom
2022-11-18 17:39 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2022-11-18 16:20 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2022-11-17 18:21 - 2021-05-19 13:55 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-16 18:19 - 2018-05-28 17:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-15 09:16 - 2021-05-19 13:53 - 001885574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 09:16 - 2019-12-07 15:41 - 000785556 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 09:16 - 2019-12-07 15:41 - 000182314 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 09:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 09:13 - 2019-01-14 14:47 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-15 09:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-15 09:10 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2022-11-12 15:55 - 2021-10-11 14:15 - 000000000 ____D C:\Video
2022-11-12 15:53 - 2020-07-07 12:27 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 15:53 - 2020-07-07 12:27 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-11 10:59 - 2022-02-09 19:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-11 08:22 - 2020-05-13 21:14 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 08:22 - 2020-05-13 21:14 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002421 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002413 _____ C:\Users\fbart\Desktop\Microsoft Teams.lnk
2022-11-09 18:25 - 2017-06-28 13:38 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2022-11-09 18:25 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2022-11-09 17:26 - 2018-04-16 16:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-11-09 17:26 - 2018-04-16 16:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-11-07 15:57 - 2020-05-12 13:02 - 000001984 _____ C:\Users\fbart\Desktop\Zoom.lnk
2022-11-07 15:57 - 2018-08-15 21:34 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Zoom
2022-11-07 11:04 - 2018-04-16 16:25 - 000000000 ____D C:\Users\fbart\AppData\Local\AVAST Software
2022-11-07 10:35 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2022-11-07 10:35 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-07 10:31 - 2021-05-19 13:45 - 000000000 ____D C:\Users\fbart
2022-11-07 10:31 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2022-11-07 10:30 - 2021-05-19 13:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-07 10:30 - 2021-05-19 13:41 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-07 10:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-07 10:30 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-07 10:30 - 2016-10-29 23:18 - 000000000 ____D C:\Intel
2022-11-06 11:16 - 2020-10-24 17:03 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-06 11:16 - 2020-04-20 20:08 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-06 11:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-06 11:16 - 2019-01-14 14:47 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842975921801
2022-11-06 11:16 - 2019-01-09 12:05 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-06 11:16 - 2018-10-23 23:01 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-04 09:00 - 2021-12-12 12:55 - 000000000 ____D C:\Users\fbart\AppData\Local\WhatsApp
2022-11-03 13:36 - 2021-09-23 18:31 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-03 13:36 - 2018-10-12 09:50 - 000001870 _____ C:\Users\fbart\Desktop\Google Drive.lnk
2022-10-31 16:01 - 2017-11-28 10:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2022-10-29 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-23 22:23 - 2018-08-14 18:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2022-10-19 22:07 - 2021-05-19 13:41 - 000559744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-19 22:07 - 2016-12-20 22:53 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-19 22:07 - 2016-12-20 22:45 - 000000000 ____D C:\Program Files\CCleaner
2022-10-19 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-19 22:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-19 19:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-19 19:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-19 19:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-19 19:10 - 2021-05-19 13:44 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-19 18:44 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-19 18:29 - 2016-12-22 19:42 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2022-09-19 14:35 - 2022-09-19 14:35 - 000000000 _____ () C:\Program Files (x86)\test.txt
2022-07-21 10:50 - 2022-07-21 10:50 - 000000171 _____ () C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-06-24 15:45 - 2019-06-24 15:46 - 002535362 _____ () C:\Users\fbart\AppData\Roaming\AvidLink_Install.log
2018-06-26 21:25 - 2018-06-26 21:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2021-07-23 18:06 - 2021-07-23 18:06 - 000000000 _____ () C:\Users\fbart\AppData\Local\oobelibMkey.log
2017-01-09 21:48 - 2022-05-19 15:05 - 000007593 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Jindy zase odmítá zobrazit obyčejný fotky v JPG pro nedodatek paměti, ačkoli je ještě 1 GB RAM volných.
Apod.
Prosím o kontrolu.
------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by fbart (administrator) on DESKTOP-1NAN9QR (HP HP ProBook 450 G4) (18-11-2022 20:46:42)
Running from D:\SOFTWARE\FRST
Loaded Profiles: fbart
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Czech (Czech Republic) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mfpmp.exe <13>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\92.0.4561.43\opera_crashreporter.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\totalcmd\TOTALCMD64.EXE ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReader.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <6>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Lingea s.r.o. -> Lingea s.r.o.) C:\Program Files (x86)\Lingea\Lexicon7\Lexicon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <55>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <47>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <19>
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(services.exe ->) (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WhatsApp LLC -> WhatsApp) C:\Users\fbart\AppData\Local\WhatsApp\app-2.2242.6\WhatsApp.exe <7>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212184 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-07-23] (Adobe Inc. -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6206360 2021-03-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4095184 2021-08-11] (Opera Software AS -> Opera Software)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\fbart\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [Titan Backup] => C:\Program Files (x86)\Titan Backup\Launcher.exe [142784 2008-12-18] (Neobyte Solutions SRL -> Neobyte Solutions)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\fbart\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-04] (WhatsApp LLC -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [AvastBrowserAutoLaunch_A606C3A23F722394777472C3610F9B5A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [MicrosoftEdgeAutoLaunch_CBC3A2C48DD08E53B4E467E37B52CD84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\windows\system32\dopdfmn7.dll [25920 2016-12-29] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\windows\system32\zlhp1020.dll [192512 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\windows\system32\novamn10.dll [18944 2020-04-01] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\Installer\chrmstp.exe [2022-11-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2019-06-24]
ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01CB174C-AD1B-445F-A476-37D66715FBDC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0315D22F-55A8-4872-B593-CBA6743545C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {15F9F943-91F3-431B-A068-68EF69CFC841} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1A0E7D9A-2E5D-49C7-A1B9-997A203B84D5} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-04-01] (Softland SRL -> )
Task: {1B10606B-7AFC-408A-9FC6-8088E57FCC9A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582720617 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {1CC38B53-A328-4DB6-AEEB-82D4015A1931} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-23] (Adobe Inc. -> Adobe Inc.)
Task: {2364088E-19F8-4F7A-8A88-80C74475F615} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (No File)
Task: {338E88A2-EDFB-4A81-98EA-CBAD8E7F6728} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {468B8D09-A923-4767-A43B-646993EA1D39} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {493ED88C-79E7-4817-9B2A-FE032ABEB371} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {57F6E83D-22DD-4341-8377-BFB390D07DF8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d69b8913-fbe2-4c6b-8e6b-b8083f51231d" --version "6.04.10044" --silent
Task: {5EF6B28E-1257-4EE4-874B-7480E5A9F6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4936920 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
Task: {6E63C272-93D0-4442-908D-4D969E42433F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F} - System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {7C3AB1B9-ACF7-4703-89E5-D5CA83859B6C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {91FB28D7-3A7F-47BA-9981-D86E369B45B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {93E3645D-9929-4696-B45E-6727B7D982D3} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94333FE9-C5A2-412C-B30A-BFC66C47FF8E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {98A0AFCD-BB66-4C41-B5EE-F58EC42B9728} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {9BF8FCA5-10F7-470D-B2A8-275CC647D078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D} - System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {BD0EB86B-ADC0-476E-854A-748D90D679C8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {BD5A8FA8-06EA-446B-A5F8-180A99237DD3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {C0C70F2E-A974-4FF8-95A4-661E8091DA9C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C11EB089-78EE-48DE-9BA7-359A83745372} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF19A4FD-9F6B-452F-A8CB-CD00FB33FBF4} - System32\Tasks\Opera scheduled Autoupdate 1487236436 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software)
Task: {E4043D11-6B42-41B7-A790-963B06103110} - System32\Tasks\CCleanerSkipUAC - fbart => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7302411-1508-44D7-8596-AC3C28BC26CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a41f277-0fa9-4555-953f-aa9788cd4df8}: [NameServer] 156.154.70.22,156.154.71.22
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fbart\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-18]
Edge Session Restore: Default -> is enabled.
FireFox:
========
FF DefaultProfile: xs1zf06h.default-1602174025168
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 [2022-11-18]
FF Session Restore: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> hxxps://app.slack.com
FF Extension: (Facebook Container) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\@contain-facebook.xpi [2022-11-03]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (LexFox) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\info@lingea.com.xpi [2021-08-17] [UpdateUrl:hxxps://www.lingea.eu/updates/lexfox/update.json]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\langpack-de@firefox.mozilla.org.xpi [2022-11-04]
FF Extension: (Photon Colors) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2021-07-31]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Chrome:
=======
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2022-07-14]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fbart\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
Opera:
=======
OPR Profile: C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable [2022-11-18]
OPR Notifications: Opera Stable -> hxxps://drive.google.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-09]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]
OPR Extension: (Opera Wallet) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12952232 2021-03-23] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-23] (Adobe Inc. -> Adobe Inc.)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2021-08-01] (Acronis International GmbH -> )
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8539152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\elevation_service.exe [2047016 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2259720 2022-08-04] (Comodo Security Solutions -> Comodo)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 gupdate1d62962e9ffe133; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
S3 gupdatem1d62962ea02435c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe [1556592 2022-06-14] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe [602224 2022-06-14] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 MEmuSVC; D:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4878840 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2136488 2021-03-23] (Acronis International GmbH -> )
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-04-01] (Softland SRL -> Microsoft)
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7398360 2021-03-23] (Acronis International GmbH -> )
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-03-23] (Bitdefender SRL -> Bitdefender)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [720392 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [15816 2021-03-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-18 18:52 - 2022-11-18 18:52 - 000801369 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 5.pdf
2022-11-16 23:04 - 2022-11-16 23:04 - 000011687 _____ C:\Users\fbart\Downloads\download.pdf
2022-11-16 21:42 - 2022-11-16 21:42 - 007639009 _____ C:\Users\fbart\Downloads\_Michael_Vince---Advanced-Language-Practice-With-Key.pdf
2022-11-16 17:11 - 2022-11-16 17:11 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB-1.pdf
2022-11-13 11:32 - 2022-11-13 11:33 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB.pdf
2022-11-12 23:16 - 2022-11-12 23:17 - 000172311 _____ C:\Users\fbart\Downloads\jak_jsi_krasne_zboží.pdf
2022-11-12 23:16 - 2022-11-12 23:16 - 000161720 _____ C:\Users\fbart\Downloads\Půjdem spolu nakupovat.pdf
2022-11-12 23:15 - 2022-11-12 23:16 - 000122513 _____ C:\Users\fbart\Downloads\Vondráši, Matóši.pdf
2022-11-12 23:13 - 2022-11-12 23:19 - 000100764 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán-1.pdf
2022-11-12 23:13 - 2022-11-12 23:13 - 000110730 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán.pdf
2022-11-12 22:58 - 2022-11-12 22:58 - 000502644 _____ C:\Users\fbart\Downloads\Adeste fideles.pdf
2022-11-11 11:10 - 2022-11-11 11:10 - 002830489 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024.pdf
2022-11-11 10:01 - 2022-11-11 10:01 - 000596569 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou OB 2024.pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni-1(1).pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000000000 _____ C:\Users\fbart\Downloads\Oznameni-1.pdf
2022-11-10 09:50 - 2022-11-10 09:50 - 001649499 _____ C:\Users\fbart\Downloads\nahled-EK0136.pdf
2022-11-10 09:30 - 2022-11-10 09:31 - 000166924 _____ C:\Users\fbart\Downloads\data-sheet-wd-blue-pc-hard-drives-2879-771436.pdf
2022-11-09 18:17 - 2022-11-09 18:17 - 000166564 _____ C:\Users\fbart\Downloads\Faktura 202211091 - Zdenek_Kubes - F_Bartak.pdf
2022-11-09 18:15 - 2022-11-09 18:15 - 000166567 _____ C:\Users\fbart\Downloads\Faktura 202206211 - Zdenek_Kubes - F_Bartak.pdf
2022-11-08 19:50 - 2022-11-08 19:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni.pdf
2022-11-07 23:52 - 2022-11-07 23:52 - 000010458 _____ C:\Users\fbart\Downloads\Zálohový list.pdf
2022-11-07 15:57 - 2022-11-07 15:57 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-11-07 10:35 - 2022-11-07 10:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-06 11:16 - 2022-11-06 11:16 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-06 11:16 - 2022-11-06 11:16 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-04 18:11 - 2022-11-04 18:11 - 000068690 _____ C:\Users\fbart\Downloads\Vodafone Vyúčtování číslo 867892859.pdf
2022-11-01 18:28 - 2022-11-01 18:28 - 000984244 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 3.pdf
2022-11-01 09:24 - 2022-11-01 09:24 - 003591196 _____ C:\Users\fbart\Downloads\31-tipu-nj-pdf.pdf
2022-10-29 22:37 - 2022-10-29 22:37 - 004905648 _____ C:\Users\fbart\Downloads\bidnici.pdf
2022-10-26 17:34 - 2022-10-26 17:34 - 000180970 _____ C:\Users\fbart\Downloads\Hove_07_SchweizerHochdeutsch.pdf
2022-10-26 16:42 - 2022-10-26 16:42 - 000068886 _____ C:\Users\fbart\Downloads\Faktura vydaná_FV22156313-2.pdf
2022-10-26 16:39 - 2022-10-26 16:39 - 000201943 _____ C:\Users\fbart\Downloads\Objednavka_OBJ20179416-1.pdf
2022-10-25 15:15 - 2022-10-25 15:15 - 003704310 _____ C:\Users\fbart\Downloads\MFP_2022_3_web.pdf
2022-10-25 15:11 - 2022-10-25 15:11 - 006524960 _____ C:\Users\fbart\Downloads\MFP_2022_2_web.pdf
2022-10-25 15:09 - 2022-10-25 15:09 - 003580989 _____ C:\Users\fbart\Downloads\MFP_2022_1.pdf
2022-10-22 22:10 - 2022-10-22 22:10 - 013655207 _____ C:\Users\fbart\Downloads\Lord of the Rings Collection.pdf
2022-10-22 22:07 - 2022-10-22 22:07 - 000015715 _____ C:\Users\fbart\Downloads\prendreRDVImpressionPDF.pdf
2022-10-20 10:33 - 2022-10-20 10:33 - 000245198 _____ C:\Users\fbart\Downloads\a1-ubungen-in-deutscher-grammatik-fur-anfanger.pdf
2022-10-19 22:19 - 2022-10-19 22:19 - 000002285 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000865800 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000687624 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001607656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001536520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001182728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001059312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 010269704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 008803848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 005362696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 003066888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001734664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001494000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:23 - 006367416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-19 19:10 - 2022-10-19 19:10 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-19 19:10 - 2022-10-19 19:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-19 18:52 - 2022-10-19 18:52 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-18 20:47 - 2017-12-01 22:30 - 000000000 ____D C:\FRST
2022-11-18 20:38 - 2021-12-12 12:56 - 000000000 ____D C:\Users\fbart\AppData\Roaming\WhatsApp
2022-11-18 20:31 - 2020-05-13 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-18 20:29 - 2021-05-19 13:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-18 20:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-18 19:03 - 2022-10-05 12:57 - 000002878 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-18 19:03 - 2022-10-05 12:57 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-18 19:03 - 2022-08-30 09:26 - 000003424 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}
2022-11-18 19:03 - 2022-07-18 15:04 - 000003200 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}
2022-11-18 19:03 - 2021-12-15 21:57 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - fbart
2022-11-18 19:03 - 2021-11-21 20:18 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2022-11-18 19:03 - 2021-05-19 13:55 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-18 19:03 - 2021-05-19 13:55 - 000003306 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1487236436
2022-11-18 19:03 - 2021-05-19 13:55 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-18 19:03 - 2021-05-19 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-11-18 19:03 - 2019-11-17 10:37 - 000000000 ____D C:\Users\fbart\Documents\Zoom
2022-11-18 17:39 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2022-11-18 16:20 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2022-11-17 18:21 - 2021-05-19 13:55 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-16 18:19 - 2018-05-28 17:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-15 09:16 - 2021-05-19 13:53 - 001885574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 09:16 - 2019-12-07 15:41 - 000785556 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 09:16 - 2019-12-07 15:41 - 000182314 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 09:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 09:13 - 2019-01-14 14:47 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-15 09:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-15 09:10 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2022-11-12 15:55 - 2021-10-11 14:15 - 000000000 ____D C:\Video
2022-11-12 15:53 - 2020-07-07 12:27 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 15:53 - 2020-07-07 12:27 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-11 10:59 - 2022-02-09 19:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-11 08:22 - 2020-05-13 21:14 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 08:22 - 2020-05-13 21:14 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002421 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002413 _____ C:\Users\fbart\Desktop\Microsoft Teams.lnk
2022-11-09 18:25 - 2017-06-28 13:38 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2022-11-09 18:25 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2022-11-09 17:26 - 2018-04-16 16:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-11-09 17:26 - 2018-04-16 16:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-11-07 15:57 - 2020-05-12 13:02 - 000001984 _____ C:\Users\fbart\Desktop\Zoom.lnk
2022-11-07 15:57 - 2018-08-15 21:34 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Zoom
2022-11-07 11:04 - 2018-04-16 16:25 - 000000000 ____D C:\Users\fbart\AppData\Local\AVAST Software
2022-11-07 10:35 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2022-11-07 10:35 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-07 10:31 - 2021-05-19 13:45 - 000000000 ____D C:\Users\fbart
2022-11-07 10:31 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2022-11-07 10:30 - 2021-05-19 13:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-07 10:30 - 2021-05-19 13:41 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-07 10:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-07 10:30 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-07 10:30 - 2016-10-29 23:18 - 000000000 ____D C:\Intel
2022-11-06 11:16 - 2020-10-24 17:03 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-06 11:16 - 2020-04-20 20:08 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-06 11:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-06 11:16 - 2019-01-14 14:47 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842975921801
2022-11-06 11:16 - 2019-01-09 12:05 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-06 11:16 - 2018-10-23 23:01 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-04 09:00 - 2021-12-12 12:55 - 000000000 ____D C:\Users\fbart\AppData\Local\WhatsApp
2022-11-03 13:36 - 2021-09-23 18:31 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-03 13:36 - 2018-10-12 09:50 - 000001870 _____ C:\Users\fbart\Desktop\Google Drive.lnk
2022-10-31 16:01 - 2017-11-28 10:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2022-10-29 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-23 22:23 - 2018-08-14 18:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2022-10-19 22:07 - 2021-05-19 13:41 - 000559744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-19 22:07 - 2016-12-20 22:53 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-19 22:07 - 2016-12-20 22:45 - 000000000 ____D C:\Program Files\CCleaner
2022-10-19 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-19 22:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-19 19:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-19 19:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-19 19:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-19 19:10 - 2021-05-19 13:44 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-19 18:44 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-19 18:29 - 2016-12-22 19:42 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2022-09-19 14:35 - 2022-09-19 14:35 - 000000000 _____ () C:\Program Files (x86)\test.txt
2022-07-21 10:50 - 2022-07-21 10:50 - 000000171 _____ () C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-06-24 15:45 - 2019-06-24 15:46 - 002535362 _____ () C:\Users\fbart\AppData\Roaming\AvidLink_Install.log
2018-06-26 21:25 - 2018-06-26 21:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2021-07-23 18:06 - 2021-07-23 18:06 - 000000000 _____ () C:\Users\fbart\AppData\Local\oobelibMkey.log
2017-01-09 21:48 - 2022-05-19 15:05 - 000007593 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================