VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Podezření na nekalé živly v PC

https://forum.viry.cz:443/viewtopic.php?t=158883

Stránka 1 z 1

Podezření na nekalé živly v PC

Napsal: 18 lis 2022 20:54
od krysarr
Notebook se občas podivně zpomaluje a tvrdí, že má CPU na 100 procent vytížen, i když nic nedělám.
Jindy zase odmítá zobrazit obyčejný fotky v JPG pro nedodatek paměti, ačkoli je ještě 1 GB RAM volných.
Apod.
Prosím o kontrolu.

------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by fbart (administrator) on DESKTOP-1NAN9QR (HP HP ProBook 450 G4) (18-11-2022 20:46:42)
Running from D:\SOFTWARE\FRST
Loaded Profiles: fbart
Platform: Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) Language: Czech (Czech Republic) -> English (United Kingdom)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mfpmp.exe <13>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\92.0.4561.43\opera_crashreporter.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\totalcmd\TOTALCMD64.EXE ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReader.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\66.0.3.0\crashpad_handler.exe <6>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Lingea s.r.o. -> Lingea s.r.o.) C:\Program Files (x86)\Lingea\Lexicon7\Lexicon.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <55>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <47>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <19>
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\Hub.exe
(services.exe ->) (Avid Technology, Inc. -> Avid Technology, Inc.) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe
(services.exe ->) (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(services.exe ->) (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WhatsApp LLC -> WhatsApp) C:\Users\fbart\AppData\Local\WhatsApp\app-2.2242.6\WhatsApp.exe <7>
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2018-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [212184 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366960 2022-09-01] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-07-23] (Adobe Inc. -> )
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6206360 2021-03-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4095184 2021-08-11] (Opera Software AS -> Opera Software)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\fbart\AppData\Local\Microsoft\Teams\Update.exe [2585824 2022-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [Titan Backup] => C:\Program Files (x86)\Titan Backup\Launcher.exe [142784 2008-12-18] (Neobyte Solutions SRL -> Neobyte Solutions)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\fbart\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-04] (WhatsApp LLC -> )
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [AvastBrowserAutoLaunch_A606C3A23F722394777472C3610F9B5A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [MicrosoftEdgeAutoLaunch_CBC3A2C48DD08E53B4E467E37B52CD84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\66.0.3.0\GoogleDriveFS.exe [52475672 2022-11-03] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\windows\system32\dopdfmn7.dll [25920 2016-12-29] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\windows\system32\zlhp1020.dll [192512 2017-01-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\windows\system32\novamn10.dll [18944 2020-04-01] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\Installer\chrmstp.exe [2022-11-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll [2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Link.lnk [2019-06-24]
ShortcutTarget: Avid Link.lnk -> C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01CB174C-AD1B-445F-A476-37D66715FBDC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0315D22F-55A8-4872-B593-CBA6743545C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {15F9F943-91F3-431B-A068-68EF69CFC841} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {1A0E7D9A-2E5D-49C7-A1B9-997A203B84D5} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-04-01] (Softland SRL -> )
Task: {1B10606B-7AFC-408A-9FC6-8088E57FCC9A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582720617 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {1CC38B53-A328-4DB6-AEEB-82D4015A1931} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2021-07-23] (Adobe Inc. -> Adobe Inc.)
Task: {2364088E-19F8-4F7A-8A88-80C74475F615} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (No File)
Task: {338E88A2-EDFB-4A81-98EA-CBAD8E7F6728} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {468B8D09-A923-4767-A43B-646993EA1D39} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {493ED88C-79E7-4817-9B2A-FE032ABEB371} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {57F6E83D-22DD-4341-8377-BFB390D07DF8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d69b8913-fbe2-4c6b-8e6b-b8083f51231d" --version "6.04.10044" --silent
Task: {5EF6B28E-1257-4EE4-874B-7480E5A9F6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4936920 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
Task: {6E63C272-93D0-4442-908D-4D969E42433F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F} - System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {7C3AB1B9-ACF7-4703-89E5-D5CA83859B6C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {91FB28D7-3A7F-47BA-9981-D86E369B45B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform)
Task: {93E3645D-9929-4696-B45E-6727B7D982D3} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {94333FE9-C5A2-412C-B30A-BFC66C47FF8E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {98A0AFCD-BB66-4C41-B5EE-F58EC42B9728} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {9BF8FCA5-10F7-470D-B2A8-275CC647D078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [17335976 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D} - System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {BD0EB86B-ADC0-476E-854A-748D90D679C8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {BD5A8FA8-06EA-446B-A5F8-180A99237DD3} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {C0C70F2E-A974-4FF8-95A4-661E8091DA9C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C11EB089-78EE-48DE-9BA7-359A83745372} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF19A4FD-9F6B-452F-A8CB-CD00FB33FBF4} - System32\Tasks\Opera scheduled Autoupdate 1487236436 => C:\Program Files\Opera\launcher.exe [2569160 2022-11-03] (Opera Norway AS -> Opera Software)
Task: {E4043D11-6B42-41B7-A790-963B06103110} - System32\Tasks\CCleanerSkipUAC - fbart => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7302411-1508-44D7-8596-AC3C28BC26CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012440 2022-10-31] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{7bb2afef-f054-4d68-bdc1-066d09ae6753}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a41f277-0fa9-4555-953f-aa9788cd4df8}: [NameServer] 156.154.70.22,156.154.71.22

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\fbart\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-18]
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF DefaultProfile: xs1zf06h.default-1602174025168
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 [2022-11-18]
FF Session Restore: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168 -> hxxps://app.slack.com
FF Extension: (Facebook Container) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\@contain-facebook.xpi [2022-11-03]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (German Dictionary) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-10-08]
FF Extension: (LexFox) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\info@lingea.com.xpi [2021-08-17] [UpdateUrl:hxxps://www.lingea.eu/updates/lexfox/update.json]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\langpack-de@firefox.mozilla.org.xpi [2022-11-04]
FF Extension: (Photon Colors) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\xs1zf06h.default-1602174025168\Extensions\{2c6c94f3-c656-41e9-aa4b-1edba5be9c21}.xpi [2021-07-31]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-02] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-07-23] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2022-07-14]
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fbart\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

Opera:
=======
OPR Profile: C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable [2022-11-18]
OPR Notifications: Opera Stable -> hxxps://drive.google.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-09]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-02-28]
OPR Extension: (Opera Wallet) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\fbart\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12952232 2021-03-23] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2021-07-23] (Adobe Inc. -> Adobe Inc.)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2021-08-01] (Acronis International GmbH -> )
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3779840 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3547904 2021-07-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8539152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [592600 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.19080.168\elevation_service.exe [2047016 2022-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2018-04-03] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2018-04-03] (Avid Technology, Inc.) [File not signed]
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2259720 2022-08-04] (Comodo Security Solutions -> Comodo)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 gupdate1d62962e9ffe133; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
S3 gupdatem1d62962ea02435c; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe [1556592 2022-06-14] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP Inc. -> HP)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe [602224 2022-06-14] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 MEmuSVC; D:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4878840 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2136488 2021-03-23] (Acronis International GmbH -> )
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-04-01] (Softland SRL -> Microsoft)
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH -> pdfforge GmbH)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7398360 2021-03-23] (Acronis International GmbH -> )
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382504 2022-11-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-06] (Avast Software s.r.o. -> AVAST Software)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-03-23] (Bitdefender SRL -> Bitdefender)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 ewusbmbb; C:\WINDOWS\System32\drivers\ewusbwwan.sys [421376 2010-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FFUsbAudio; C:\WINDOWS\System32\drivers\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [720392 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [86016 2011-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [221312 2010-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [15816 2021-03-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-08-01] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-18 18:52 - 2022-11-18 18:52 - 000801369 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 5.pdf
2022-11-16 23:04 - 2022-11-16 23:04 - 000011687 _____ C:\Users\fbart\Downloads\download.pdf
2022-11-16 21:42 - 2022-11-16 21:42 - 007639009 _____ C:\Users\fbart\Downloads\_Michael_Vince---Advanced-Language-Practice-With-Key.pdf
2022-11-16 17:11 - 2022-11-16 17:11 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB-1.pdf
2022-11-13 11:32 - 2022-11-13 11:33 - 002816123 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024 - corr FKB.pdf
2022-11-12 23:16 - 2022-11-12 23:17 - 000172311 _____ C:\Users\fbart\Downloads\jak_jsi_krasne_zboží.pdf
2022-11-12 23:16 - 2022-11-12 23:16 - 000161720 _____ C:\Users\fbart\Downloads\Půjdem spolu nakupovat.pdf
2022-11-12 23:15 - 2022-11-12 23:16 - 000122513 _____ C:\Users\fbart\Downloads\Vondráši, Matóši.pdf
2022-11-12 23:13 - 2022-11-12 23:19 - 000100764 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán-1.pdf
2022-11-12 23:13 - 2022-11-12 23:13 - 000110730 _____ C:\Users\fbart\Downloads\Nahodil se byznys plán.pdf
2022-11-12 22:58 - 2022-11-12 22:58 - 000502644 _____ C:\Users\fbart\Downloads\Adeste fideles.pdf
2022-11-11 11:10 - 2022-11-11 11:10 - 002830489 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou VN 2024.pdf
2022-11-11 10:01 - 2022-11-11 10:01 - 000596569 _____ C:\Users\fbart\Downloads\BSN5-24_PLANOVACI s anglictinou OB 2024.pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni-1(1).pdf
2022-11-10 10:50 - 2022-11-10 10:50 - 000000000 _____ C:\Users\fbart\Downloads\Oznameni-1.pdf
2022-11-10 09:50 - 2022-11-10 09:50 - 001649499 _____ C:\Users\fbart\Downloads\nahled-EK0136.pdf
2022-11-10 09:30 - 2022-11-10 09:31 - 000166924 _____ C:\Users\fbart\Downloads\data-sheet-wd-blue-pc-hard-drives-2879-771436.pdf
2022-11-09 18:17 - 2022-11-09 18:17 - 000166564 _____ C:\Users\fbart\Downloads\Faktura 202211091 - Zdenek_Kubes - F_Bartak.pdf
2022-11-09 18:15 - 2022-11-09 18:15 - 000166567 _____ C:\Users\fbart\Downloads\Faktura 202206211 - Zdenek_Kubes - F_Bartak.pdf
2022-11-08 19:50 - 2022-11-08 19:50 - 000255399 _____ C:\Users\fbart\Downloads\Oznameni.pdf
2022-11-07 23:52 - 2022-11-07 23:52 - 000010458 _____ C:\Users\fbart\Downloads\Zálohový list.pdf
2022-11-07 15:57 - 2022-11-07 15:57 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-11-07 10:35 - 2022-11-07 10:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-06 11:16 - 2022-11-06 11:16 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-06 11:16 - 2022-11-06 11:16 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-04 18:11 - 2022-11-04 18:11 - 000068690 _____ C:\Users\fbart\Downloads\Vodafone Vyúčtování číslo 867892859.pdf
2022-11-01 18:28 - 2022-11-01 18:28 - 000984244 _____ C:\Users\fbart\Downloads\KET Test 1 - Reading Part 3.pdf
2022-11-01 09:24 - 2022-11-01 09:24 - 003591196 _____ C:\Users\fbart\Downloads\31-tipu-nj-pdf.pdf
2022-10-29 22:37 - 2022-10-29 22:37 - 004905648 _____ C:\Users\fbart\Downloads\bidnici.pdf
2022-10-26 17:34 - 2022-10-26 17:34 - 000180970 _____ C:\Users\fbart\Downloads\Hove_07_SchweizerHochdeutsch.pdf
2022-10-26 16:42 - 2022-10-26 16:42 - 000068886 _____ C:\Users\fbart\Downloads\Faktura vydaná_FV22156313-2.pdf
2022-10-26 16:39 - 2022-10-26 16:39 - 000201943 _____ C:\Users\fbart\Downloads\Objednavka_OBJ20179416-1.pdf
2022-10-25 15:15 - 2022-10-25 15:15 - 003704310 _____ C:\Users\fbart\Downloads\MFP_2022_3_web.pdf
2022-10-25 15:11 - 2022-10-25 15:11 - 006524960 _____ C:\Users\fbart\Downloads\MFP_2022_2_web.pdf
2022-10-25 15:09 - 2022-10-25 15:09 - 003580989 _____ C:\Users\fbart\Downloads\MFP_2022_1.pdf
2022-10-22 22:10 - 2022-10-22 22:10 - 013655207 _____ C:\Users\fbart\Downloads\Lord of the Rings Collection.pdf
2022-10-22 22:07 - 2022-10-22 22:07 - 000015715 _____ C:\Users\fbart\Downloads\prendreRDVImpressionPDF.pdf
2022-10-20 10:33 - 2022-10-20 10:33 - 000245198 _____ C:\Users\fbart\Downloads\a1-ubungen-in-deutscher-grammatik-fur-anfanger.pdf
2022-10-19 22:19 - 2022-10-19 22:19 - 000002285 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-19 19:16 - 2022-09-02 09:31 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:30 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000865800 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-19 19:16 - 2022-09-02 09:28 - 000687624 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001607656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001536520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001182728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 001059312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-19 19:16 - 2022-09-02 09:27 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 010269704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 008803848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 005362696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 003066888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001734664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:26 - 001494000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6451669.dll
2022-10-19 19:16 - 2022-09-02 09:23 - 006367416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-19 19:11 - 2022-10-19 19:11 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-19 19:10 - 2022-10-19 19:10 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-19 19:10 - 2022-10-19 19:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-19 19:10 - 2022-10-19 19:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-19 18:52 - 2022-10-19 18:52 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-18 20:47 - 2017-12-01 22:30 - 000000000 ____D C:\FRST
2022-11-18 20:38 - 2021-12-12 12:56 - 000000000 ____D C:\Users\fbart\AppData\Roaming\WhatsApp
2022-11-18 20:31 - 2020-05-13 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-18 20:29 - 2021-05-19 13:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-18 20:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-18 19:03 - 2022-10-05 12:57 - 000002878 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-18 19:03 - 2022-10-05 12:57 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-18 19:03 - 2022-08-30 09:26 - 000003424 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}
2022-11-18 19:03 - 2022-07-18 15:04 - 000003200 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}
2022-11-18 19:03 - 2021-12-15 21:57 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - fbart
2022-11-18 19:03 - 2021-11-21 20:18 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2022-11-18 19:03 - 2021-05-19 13:55 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-18 19:03 - 2021-05-19 13:55 - 000003306 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1487236436
2022-11-18 19:03 - 2021-05-19 13:55 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-18 19:03 - 2021-05-19 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-11-18 19:03 - 2019-11-17 10:37 - 000000000 ____D C:\Users\fbart\Documents\Zoom
2022-11-18 17:39 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2022-11-18 16:20 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2022-11-17 18:21 - 2021-05-19 13:55 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-16 18:19 - 2018-05-28 17:39 - 000000000 ____D C:\Users\fbart\AppData\Local\D3DSCache
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-15 09:16 - 2021-05-19 13:53 - 001885574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 09:16 - 2019-12-07 15:41 - 000785556 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-15 09:16 - 2019-12-07 15:41 - 000182314 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-15 09:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 09:13 - 2019-01-14 14:47 - 000382504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-15 09:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-15 09:10 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2022-11-12 15:55 - 2021-10-11 14:15 - 000000000 ____D C:\Video
2022-11-12 15:53 - 2020-07-07 12:27 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 15:53 - 2020-07-07 12:27 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-11 10:59 - 2022-02-09 19:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-11 08:22 - 2020-05-13 21:14 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 08:22 - 2020-05-13 21:14 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002421 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-11-10 15:29 - 2021-07-20 14:10 - 000002413 _____ C:\Users\fbart\Desktop\Microsoft Teams.lnk
2022-11-09 18:25 - 2017-06-28 13:38 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2022-11-09 18:25 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2022-11-09 17:26 - 2018-04-16 16:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-11-09 17:26 - 2018-04-16 16:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-11-07 15:57 - 2020-05-12 13:02 - 000001984 _____ C:\Users\fbart\Desktop\Zoom.lnk
2022-11-07 15:57 - 2018-08-15 21:34 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Zoom
2022-11-07 11:04 - 2018-04-16 16:25 - 000000000 ____D C:\Users\fbart\AppData\Local\AVAST Software
2022-11-07 10:35 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2022-11-07 10:35 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 10:35 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-07 10:31 - 2021-05-19 13:45 - 000000000 ____D C:\Users\fbart
2022-11-07 10:31 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2022-11-07 10:30 - 2021-05-19 13:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-07 10:30 - 2021-05-19 13:41 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-07 10:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-07 10:30 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-07 10:30 - 2016-10-29 23:18 - 000000000 ____D C:\Intel
2022-11-06 11:16 - 2020-10-24 17:03 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-06 11:16 - 2020-04-20 20:08 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-06 11:16 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-06 11:16 - 2019-01-14 14:47 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys.166842975921801
2022-11-06 11:16 - 2019-01-09 12:05 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-06 11:16 - 2019-01-09 12:05 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-06 11:16 - 2018-10-23 23:01 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-06 11:16 - 2018-03-09 10:33 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-04 09:00 - 2021-12-12 12:55 - 000000000 ____D C:\Users\fbart\AppData\Local\WhatsApp
2022-11-03 13:36 - 2021-09-23 18:31 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-03 13:36 - 2021-09-23 18:31 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-03 13:36 - 2018-10-12 09:50 - 000001870 _____ C:\Users\fbart\Desktop\Google Drive.lnk
2022-10-31 16:01 - 2017-11-28 10:12 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2022-10-29 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-23 22:23 - 2018-08-14 18:08 - 000000000 ____D C:\Users\fbart\AppData\Local\CrashDumps
2022-10-19 22:07 - 2021-05-19 13:41 - 000559744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-19 22:07 - 2016-12-20 22:53 - 000000000 ____D C:\ProgramData\AVAST Software
2022-10-19 22:07 - 2016-12-20 22:45 - 000000000 ____D C:\Program Files\CCleaner
2022-10-19 22:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-19 22:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-19 22:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-19 19:18 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-19 19:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-19 19:15 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-19 19:15 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-19 19:10 - 2021-05-19 13:44 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-19 18:44 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-19 18:29 - 2016-12-22 19:42 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2022-09-19 14:35 - 2022-09-19 14:35 - 000000000 _____ () C:\Program Files (x86)\test.txt
2022-07-21 10:50 - 2022-07-21 10:50 - 000000171 _____ () C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-06-24 15:45 - 2019-06-24 15:46 - 002535362 _____ () C:\Users\fbart\AppData\Roaming\AvidLink_Install.log
2018-06-26 21:25 - 2018-06-26 21:25 - 000000861 _____ () C:\Users\fbart\AppData\Roaming\Avid_CCS_Service_Stop.log
2021-07-23 18:06 - 2021-07-23 18:06 - 000000000 _____ () C:\Users\fbart\AppData\Local\oobelibMkey.log
2017-01-09 21:48 - 2022-05-19 15:05 - 000007593 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Podezření na nekalé živly v PC

Napsal: 18 lis 2022 20:54
od krysarr
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by fbart (18-11-2022 20:49:19)
Running from D:\SOFTWARE\FRST
Microsoft Windows 10 Home Version 21H2 19044.2130 (X64) (2021-05-19 12:55:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2002658774-1703651359-3694545506-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2002658774-1703651359-3694545506-503 - Limited - Disabled)
fbart (S-1-5-21-2002658774-1703651359-3694545506-1002 - Administrator - Enabled) => C:\Users\fbart
Guest (S-1-5-21-2002658774-1703651359-3694545506-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2002658774-1703651359-3694545506-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis Drivers (HKLM\...\{7C36ADC0-5219-4D31-90D1-4211321481EF}) (Version: 25.8.39216 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{F0A1A9E1-CD4B-4504-836F-1946F5815ECB}) (Version: 25.8.39216 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{F0A1A9E1-CD4B-4504-836F-1946F5815ECB}Visible) (Version: 25.8.39216 - Acronis)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_4) (Version: 15.4 - Adobe Inc.)
AIR Xpand!2 (HKLM\...\{69A89482-FEC4-4E34-97F9-46BB287D0953}) (Version: 2018.1.0.1440 - AIR Music Technology)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15_Beta2 - tippach engineering)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 106.0.19080.168 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Avid Cloud Client Services (HKLM\...\{66E7D4F4-F044-428D-A734-59138A626A52}) (Version: 2.4.0.15 - Avid Technology, Inc.)
Avid Effects (HKLM\...\{F53B2C5A-9739-425A-B74C-E8D94DF2EFB5}) (Version: 18.4.0.317 - Avid Technology, Inc.)
Avid Link (HKLM\...\{4865F211-1BDF-42B1-A863-EA828CA43431}) (Version: 19.1.0.315 - Avid Technology, Inc.)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.6.6.676 - Bandicam.com)
BandLab Assistant 8.1.1 (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 8.1.1 - BandLab Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.04 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 104.0.5112.81 - Comodo)
COMODO Firewall (HKLM\...\{0E9AFD45-C3BA-41D1-B54B-495A22CB3409}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CrystalDiskMark 5.2.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.2.0 - Crystal Dew World)
doPDF (HKLM\...\{FB1982DB-B680-41EE-9B30-43BFFA2D7F33}) (Version: 10.7.124 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{21a6faa3-2645-4c5e-9092-39093ff41d46}) (Version: 10.7.124 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{A1C2AAB8-C06D-4593-9A9B-4B3760C019AF}) (Version: 10.7.124 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{73503AFE-4AEF-4671-930A-5EC755606EB1}) (Version: 10.7.124 - Softland)
doPDF 10 Printer Driver (HKLM\...\{12D66221-EFBC-4BEF-9382-5C7F33889C91}) (Version: 10.7.124 - Softland)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
DoulosSIL 5.000 (HKLM-x32\...\DoulosSIL) (Version: - )
DVDFab 12 (x64) (29/10/2020) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.0.0.4 - DVDFab Software Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
FoneTool (HKLM-x32\...\{AD04677C-79B8-4B7A-BB39-FEE6F138E716}_is1) (Version: 2.0.0 - AOMEI International Network Limited.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.0.12394 - Foxit Software Inc.)
Free DOCX To DOC Converter (HKLM-x32\...\{775F4A03-DF72-4122-88F4-2D2549FB05F0}) (Version: 1.0.0 - Media Freeware)
Free Slideshow Maker (3.5.4.0) (HKLM-x32\...\Free Slideshow Maker_is1) (Version: 3.5.4.0 - Amazing Studio)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 66.0.3.0 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Client Security Manager (HKLM\...\{B4A0B76D-EAE6-4717-AEB3-58C1BCD7B9E8}) (Version: 9.0.0.2116 - HP Inc.) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.0.2116 - HP Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{64228DFB-7450-49B7-935C-B97342CB6659}) (Version: 6.0.10.1 - HP Development Company, L.P.) Hidden
HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{872897C1-CDCD-4466-82AA-5483BCCF09C7}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B0D5BCD0-8DFB-48A3-9BDF-4E183159E420}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{C0407127-4831-47CD-8A7A-E5ED7A2D398B}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{FC292FE3-B7B0-492C-BC2E-C0DFCA30FC92}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{39404020-C431-4331-9241-62956555DA49}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{C5AD7A64-6DDF-482A-8E7D-FA1DED0A201A}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP)
HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.11 - SunplusIT)
Intel(R) Chipset Device Software (HKLM\...\{3AE6FD56-D431-4B53-94F0-95E844206ADF}) (Version: 10.1.1.32 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{00176A23-1A4E-4429-817E-44B40D9EF692}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{650FF4FD-69E7-4AA4-9F46-6B7DFC8489F7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{1535E647-D354-4775-9EE8-FD9E8ED0701A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.2.1044 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{AD29B896-0901-4B3E-9C2A-BD59B38A9568}) (Version: 15.0.2.1044 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel(R) Wireless Manageability Driver (HKLM\...\{28C2C4DE-AAF6-424D-B018-5142729E1C67}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Manageability Driver Extension (HKLM\...\{03C415A8-0861-4BB7-8857-27089E6C298A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{EF71AFFB-85B5-407C-A301-39EA25F98313}) (Version: 20.90.0.2270 - Intel Corporation) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
iTunes (HKLM\...\{7204716B-87DE-4558-8D9D-2393096BEDE8}) (Version: 12.12.5.8 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jihosoft Photo Eraser version 1.2.3.0 (HKLM-x32\...\{7EE52565-A8FC-4DDB-9E97-479EF73F1AA0}_is1) (Version: 1.2.3.0 - Shenzhen Jihosoft CO., LIMITED)
Kigo Netflix Video Downloader version 1.73 (HKLM-x32\...\{42614667-F4C9-2021-1983-90091911AAA}_is1) (Version: 1.73 - )
Lingea Lexicon 7 (HKLM-x32\...\Lexicon7) (Version: - Lingea s.r.o.)
MASV 2.3.66 (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\41a96b90-0c31-5459-8f90-9951b71f7636) (Version: 2.3.66 - The MASV Team)
MEmu (HKLM-x32\...\MEmu) (Version: 7.6.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Teams) (Version: 1.5.00.28361 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Movavi Slideshow Maker 3 (HKLM-x32\...\Movavi Slideshow Maker 3) (Version: 3.0.0 - Movavi)
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 106.0.5 (x64 en-GB)) (Version: 106.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 106.0.5.8343 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA Ovladače grafiky 516.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.69 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Opera Stable 92.0.4561.43 (HKLM-x32\...\Opera 92.0.4561.43) (Version: 92.0.4561.43 - Opera Software)
PACE License Support Win64 (HKLM\...\{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{15ADFA42-BA79-47e4-945F-A8A997FB990C}) (Version: 4.0.3.2024 - PACE Anti-Piracy, Inc.)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Asian Fonts Pack (HKLM\...\{E15E5BA3-68C2-4B55-8D38-4DBB3F9B21DD}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Convert Module (HKLM\...\{58B672CE-84B3-4FCD-B2BC-85D6832081AF}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Forms Module (HKLM\...\{BBBB75A5-1B4B-404F-B441-C59E29AC887E}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Insert Module (HKLM\...\{F9417A7E-A44D-4318-B479-56D2533F01F8}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 OCR Module (HKLM\...\{DCD772BD-5EE9-4B00-B976-5EC52C022981}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Review Module (HKLM\...\{64D4BCF9-C439-4CBF-8E35-AF14C867F9A2}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Secure Module (HKLM\...\{357F5B29-55DD-4799-B85A-C4C5F9CF061F}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
Personal Backup 6.2.16.0 (64-bit) (HKLM\...\Personal Backup 6_is1) (Version: 6.2.16.0 - Dr. J. Rathlev)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.131 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Sibelius (HKLM\...\{62892434-57A6-44E7-9C58-7C248DE6181D}) (Version: 19.1.0.1145 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{603AEE7A-6967-4CDB-8528-0CAC729A004B}) (Version: 18.6.0 - Avid)
Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{FE645EDA-C5B2-4CF3-B9E7-AFABD5710EEF}) (Version: 4.5.335.0 - Synaptics)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 7.6.74.0 - 2BrightSparks)
Titan Backup (HKLM-x32\...\Titan Backup) (Version: 2.0 - Neobyte Solutions)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A9AE164B-A435-4458-A2BF-178365A73505}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Weeny Free Audio Cutter 1.5 (HKLM-x32\...\Weeny Free Audio Cutter_is1) (Version: - Weeny Software)
Weeny Free PDF Cutter 1.4 (HKLM-x32\...\Weeny Free PDF Cutter_is1) (Version: - Weeny Software)
Weeny Free Video Cutter 1.4 (HKLM-x32\...\Weeny Free Video Cutter_is1) (Version: - Weeny Software)
WhatsApp (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\WhatsApp) (Version: 2.2242.6 - WhatsApp)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows Video Editor 2021 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92D9}}_is1) (Version: - VideoWin)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WMPKeys (HKLM-x32\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
Zoom (HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2022-07-21] (Adobe Systems Incorporated)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2022-07-21] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-07-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-07-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-07-21] (Microsoft Corporation) [MS Ad]
Movie Creator : Video Editor -> C:\Program Files\WindowsApps\39691Videopix.MovieMakerFreeVideoEditor_1.1.119.0_x64__dxz7h1qnd1pge [2022-10-19] (Videopix)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-07-21] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-21] (Microsoft Corporation)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2022-07-21] (TeamViewer)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2022-07-21] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-89BC068FA487} -> [Creative Cloud Files] => C:\Users\fbart\Creative Cloud Files [2021-07-23 17:50]
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\fbart\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22234.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-2002658774-1703651359-3694545506-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [2021-03-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [2021-03-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [2021-03-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [2021-03-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\66.0.3.0\drivefsext.dll [2022-11-03] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-07-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [427520 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [305152 2000-06-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [102400 2000-06-02] (Sipro Lab Telecom Inc.) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\fbart\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
Shortcut: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 12 (x64)\DVDFab 12 Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab12&v=12.0.0.

==================== Loaded Modules (Whitelisted) =============

2020-04-08 04:10 - 2020-04-08 04:10 - 002063872 ____N () [File not signed] C:\Program Files (x86)\Lingea\Lexicon7\LibSnd.dll
2017-11-09 15:30 - 2017-11-09 15:30 - 004942848 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryCog.acf
2017-11-09 15:27 - 2017-11-09 15:27 - 002111488 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AssetDeliveryInterfaceCog.acf
2017-11-09 15:21 - 2017-11-09 15:21 - 004502528 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetCog.acf
2017-11-09 15:23 - 2017-11-09 15:23 - 002041856 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\AvidAssetInterfaceCog.acf
2017-11-09 15:28 - 2017-11-09 15:28 - 002012160 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\CompressionCog.acf
2017-11-09 15:27 - 2017-11-09 15:27 - 001701376 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\FileMgrCog.acf
2017-11-09 15:19 - 2017-11-09 15:19 - 004383744 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\NetworkInterfaceCog.acf
2017-11-09 15:24 - 2017-11-09 15:24 - 002758144 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncCog.acf
2017-11-09 15:25 - 2017-11-09 15:25 - 002073088 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\ProjectSyncInterfaceCog.acf
2017-04-03 21:16 - 2017-04-03 21:16 - 000098304 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\PXFPlugin.acf
2017-11-09 15:22 - 2017-11-09 15:22 - 001780224 _____ () [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\TransportCog.acf
2004-05-04 13:27 - 2004-05-04 13:27 - 000024064 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Audit.DLL
2004-05-04 13:58 - 2004-05-04 13:58 - 000045056 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\chamber.xfm
2004-05-04 13:58 - 2004-05-04 13:58 - 000061440 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\dynamics.xfm
2004-05-04 14:01 - 2004-05-04 14:01 - 000036352 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\echo.xfm
2004-05-04 13:56 - 2004-05-04 13:56 - 000009216 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\chamber.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000015872 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\dynamics.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000007168 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\echo.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000004096 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\envelope.DLL
2004-05-04 13:52 - 2004-05-04 13:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\ezbus.DLL
2004-05-04 13:53 - 2004-05-04 13:53 - 000053248 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\fhtpro.dll
2004-05-04 13:56 - 2004-05-04 13:56 - 000015872 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\fullverb.DLL
2004-05-04 13:52 - 2004-05-04 13:52 - 000003072 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\MackieC.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000009728 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\noclick.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000011264 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\nonoise.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000003584 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\normal.DLL
2004-05-04 13:56 - 2004-05-04 13:56 - 000015360 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\pitchcorrect.DLL
2004-05-04 13:57 - 2004-05-04 13:57 - 000006656 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\en_US\qwikverb.DLL
2004-05-04 13:52 - 2004-05-04 13:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\us224.DLL
2004-05-04 13:52 - 2004-05-04 13:52 - 000002560 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\us428.DLL
2004-05-04 13:53 - 2004-05-04 13:53 - 000004096 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\en_US\Wavepcm.DLL
2004-05-04 14:01 - 2004-05-04 14:01 - 000025088 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\envelope.xfm
2004-05-04 13:54 - 2004-05-04 13:54 - 000400896 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\fhtpro.flt
2004-05-04 14:01 - 2004-05-04 14:01 - 000072704 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\fullverb.xfm
2004-05-04 14:01 - 2004-05-04 14:01 - 000074240 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\noclick.xfm
2004-05-04 14:00 - 2004-05-04 14:00 - 000051200 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\nonoise.xfm
2004-05-04 14:00 - 2004-05-04 14:00 - 000024576 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\normal.xfm
2004-05-04 13:57 - 2004-05-04 13:57 - 000186880 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\pitchcorrect.xfm
2004-05-04 14:00 - 2004-05-04 14:00 - 000043520 _____ (Adobe Systems®, Incorporated) [File not signed] c:\program files (x86)\adobe\audition 1.5\qwikverb.xfm
2004-05-04 13:53 - 2004-05-04 13:53 - 000035328 _____ (Adobe Systems®, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Audition 1.5\Wavepcm.flt
2017-04-03 21:13 - 2017-04-03 21:13 - 000099840 _____ (Avid Technology, Inc.) [File not signed] C:\Program Files\Avid\Cloud Client Services\avx2_plug-ins\PXF\ACFString.avx
2022-01-22 17:06 - 2019-04-22 15:50 - 001370112 _____ (Conexant Systems LLC.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2022-01-18 12:05 - 2020-03-04 17:16 - 000112128 _____ (Conexant Systems, Inc) [File not signed] [File is in use] C:\Program Files\CONEXANT\Flow\ReadMd.DLL
2016-07-19 11:00 - 2016-07-19 11:00 - 000384512 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2016-07-19 10:57 - 2016-07-19 10:57 - 000339968 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2016-07-19 11:01 - 2016-07-19 11:01 - 000454144 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2008-05-18 18:49 - 2008-05-18 18:49 - 000068096 _____ (lazymf and kbept) [File not signed] C:\Program Files (x86)\WMPKeys\wmpkeys.dll
2001-01-23 04:39 - 2001-01-23 04:39 - 002498560 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Common Files\Microsoft Shared\VBA\VBA6\VBE6.DLL
2001-02-10 04:12 - 2001-02-10 04:12 - 000524339 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\office10\riched20.dll
2000-12-19 20:01 - 2000-12-19 20:01 - 000180224 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Office10\ucs20.dll
2001-01-15 18:32 - 2001-01-15 18:32 - 000325120 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Office10\usp10.dll
1998-11-05 15:27 - 1998-11-05 15:27 - 000536576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Proof\mslid.dll
2001-01-23 04:39 - 2001-01-23 04:39 - 000159744 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VBA\VBA6\1029\VBE6INTL.DLL
2001-01-16 05:55 - 2001-01-16 05:55 - 000163840 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll
2001-01-17 13:56 - 2001-01-17 13:56 - 000176128 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\pdm.dll
2001-02-15 06:45 - 2001-02-15 06:45 - 001318912 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
2001-01-22 02:25 - 2001-01-22 02:25 - 000086016 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMWS.DLL
2000-10-30 20:27 - 2000-10-30 20:27 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\Office10\msostyle.dll
2001-01-03 02:57 - 2001-01-03 02:57 - 000110639 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\Office10\saext.dll
2016-07-19 10:13 - 2016-07-19 10:13 - 000220160 _____ (RFIDeas) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll
2022-01-18 12:05 - 2020-03-04 17:16 - 001431552 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2020-04-01 11:29 - 2020-04-01 11:29 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\1_PPhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\PPhp1020.DLL:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2021-11-21 18:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Control Panel\Desktop\\Wallpaper -> c:\users\fbart\appdata\roaming\microsoft\windows photo viewer\windows photo viewer wallpaper.jpg
DNS Servers: 156.154.70.22 - 156.154.71.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

Network Binding:
=============
Síťové připojení Bluetooth: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: aakore => 2
MSCONFIG\Services: AcronisActiveProtectionService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeUpdateService => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: CxMonSvc => 2
MSCONFIG\Services: CxUtilSvc => 2
MSCONFIG\Services: FoxitReaderService => 2
MSCONFIG\Services: FoxitReaderUpdateService => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: HPTouchpointAnalyticsService => 2
MSCONFIG\Services: PDF Architect 4 => 3
MSCONFIG\Services: PDF Architect 4 CrashHandler => 3
MSCONFIG\Services: PDF Architect 4 Creator => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avid Application Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avid Link.lnk"
HKLM\...\StartupApproved\Run: => "DigidesignMMERefresh"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKLM\...\StartupApproved\Run32: => "O2CZ"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\StartupApproved\Run: => "Titan Backup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{69A89086-06AC-46FC-ACB9-3DF31BA1F028}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6BE8D65A-D76B-4DB8-84B4-C411AA18E771}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DB6E35E8-7C7A-4663-8DE4-0AABEC0A5A2D}] => (Allow) C:\Users\fbart\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{E5D16002-4D79-43FD-B9D3-DC0380C52FE6}D:\software\skype portable 8\skype portable 8.36\skype.exe] => (Allow) D:\software\skype portable 8\skype portable 8.36\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5C9BBFAA-855A-46F8-A69D-79948FA6C8FA}D:\software\skype portable 8\skype portable 8.36\skype.exe] => (Allow) D:\software\skype portable 8\skype portable 8.36\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69363CBA-B7AD-48F2-9E95-D15CC644BF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{741FC9D5-21EF-49B6-A414-9A043727C774}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{0274FE66-2F18-48DB-80B7-B41B61B644DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E9268421-CF6B-4134-99FB-0A7D24B26D85}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{30287EF4-C3C0-47ED-8E39-C0D546051C7D}] => (Allow) C:\Program Files\Avid\Cloud Client Services\Hub.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{16DF23C8-46AD-414D-8CBD-070E67AF32CA}] => (Allow) C:\Program Files\Avid\Cloud Client Services\TransportClient.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{7FACE430-6E50-44E1-B0F2-C4363AF67676}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe () [File not signed]
FirewallRules: [{7CF9D905-8017-4C04-924E-D574AA388477}] => (Allow) C:\Program Files\Opera\55.0.2994.44\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{93543409-6CA8-4039-A8FC-797D754BBACD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3F3D06FD-A1CB-4B64-80D3-DD0BEDF5A325}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{AB7A072F-3D79-4945-B6C2-2F1B1110E95E}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{C78EF2BD-6B06-4E19-B78D-0AAF2B88E559}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{67CA56C9-8518-4E50-8190-79804AE51376}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{554A601E-836D-4B1D-9056-C7C5BF1CC7E2}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{6B5E9738-6505-48F2-BC67-FB1074EA3180}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{EE23C2E2-7DBF-4524-8702-127828CB43A9}] => (Allow) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
FirewallRules: [{18586248-2882-4F5D-B6BA-8CA6B16AA77E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE8FA4E5-C563-4A30-9910-8C4DF2E45B09}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4E516BE0-D77D-40D0-BE7C-6AEF3186F7C1}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{A44ED964-FA70-4155-B08F-B0AE65979054}D:\software\skype portable\skype portable\app\skype\phone\skype.exe] => (Allow) D:\software\skype portable\skype portable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3165B40D-1467-4483-9DC7-2FD8ADAAE27B}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe
FirewallRules: [{933B3C40-BFE0-4DE4-B71A-E7375E14560C}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{49B3BA3B-90C8-433C-9CBB-A7D5DEABE51C}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{48D5F37A-2146-4F5D-8246-0BB057DB8581}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{00C04EB6-9607-439B-8D17-CC197EE50EB0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{E9DABEF8-95B0-4D1B-9FC9-F1EA0AB63398}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{8D5F5A8A-C67C-4A07-B335-CF0F63961528}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{75CFBEFE-8F86-49CC-9389-EE3346F15A53}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{CDD529B8-E767-4A52-9651-D2B3F9477C59}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{FBFB51B2-12DD-436C-B2C7-F979ED9DE3EC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{DCEEB958-D469-4956-9B9A-1440BF517274}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{A4C15F3A-5442-4610-B7F6-D38A77B0778E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{167E2105-A318-4055-AF8E-F328A162EBB7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0F58C658-5199-4FCC-A2DF-F9BC0F675A5A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{819A47DA-139F-45B4-B121-880B56D4FB0E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{13035695-483F-45EF-B111-ED4C1391553E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{2F1B3DA9-8BAF-40EB-9C08-646D9372A315}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{E0BB3257-DCB0-4B06-9782-C8914FF4BAF0}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{46F02991-6EE7-4779-836E-D0167FE12CB4}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{2BA81B2D-829D-4A67-8341-039B06D1D2E4}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{E0BD6580-C0C8-4FB1-B19E-B0BFED4B711B}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{DF4E5CC3-0508-47DA-A981-F23FC100624A}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{B67569F6-D1AA-4BE7-9FC7-7AB334FF9570}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C6968038-EDE4-4FCD-840A-6AD2775C443E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AC1A7D32-9ADF-49D4-AF30-9569632752E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E42664C3-1648-4D6B-93B6-96870BE50AF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3272BB2E-EC48-464A-89F3-9ADB123CB9AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B89E649A-9AF7-4899-9A55-2395C6AC352E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BA09A930-68BC-41FB-B640-76ED068DE9F8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3713263E-8EF3-4A02-8F16-31118B5085C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8DFA3F62-FAC3-4409-8491-C186AEDD17BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4021B452-C1CF-4634-928F-42B7C4BDC5C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A29B5804-A24D-4021-96D2-F75080F8F6D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B64A9C2C-BA63-4BE8-A144-CAE4ABBF0913}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{75801220-214D-43C6-9B03-01276D52E4E5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{36B0A4CF-AB6D-418A-9768-0880807FB05A}] => (Allow) C:\Program Files\Opera\92.0.4561.33\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{EF5EA4C0-C799-45B9-ACAB-4ED55F4FD513}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{3BCB4CBF-8B05-481D-80D8-B3114CE3BE44}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0AF40654-5C64-4FBB-8242-63DF8970CEDC}] => (Allow) C:\Program Files\Opera\92.0.4561.43\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{81A8ED1C-193B-4B8E-80BA-FE2684EC1FB5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7A10783C-F4AC-45F1-AD92-0A090498AFA3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E83BCE05-1D20-40A5-8752-3545918F38A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8A5DA67A-F9AF-43CE-AF75-C7DE9458E8A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8F51A8C-D128-4C6E-A47E-E30F30CC8A63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4C08D3C-30A5-4675-B132-3F840D443C7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

19-10-2022 18:52:17 Instalační služba modulů systému Windows
07-11-2022 13:45:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/17/2022 11:53:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-1NAN9QR.local. AAAA FE80:0000:0000:0000:80A8:7B1F:C2AD:4047

Error: (11/17/2022 11:53:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.151:5353 4 DESKTOP-1NAN9QR.local. Addr 192.168.0.151

Error: (11/17/2022 11:53:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 DESKTOP-1NAN9QR.local. Addr 169.254.64.71

Error: (11/17/2022 11:53:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.151:5353 4 DESKTOP-1NAN9QR.local. Addr 192.168.0.151

Error: (11/17/2022 10:59:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-1NAN9QR.local. AAAA FE80:0000:0000:0000:80A8:7B1F:C2AD:4047

Error: (11/17/2022 10:59:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.151:5353 4 DESKTOP-1NAN9QR.local. Addr 192.168.0.151

Error: (11/17/2022 10:59:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 DESKTOP-1NAN9QR.local. Addr 169.254.64.71

Error: (11/17/2022 10:59:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.151:5353 4 DESKTOP-1NAN9QR.local. Addr 192.168.0.151


System errors:
=============
Error: (11/18/2022 08:34:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (11/17/2022 06:20:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (11/17/2022 10:51:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (11/16/2022 01:43:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (11/16/2022 01:43:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/16/2022 10:17:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (11/15/2022 09:08:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

Error: (11/15/2022 09:07:36 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1NAN9QR)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.


CodeIntegrity:
===============
Date: 2022-11-18 20:51:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-18 20:50:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2022-11-18 20:49:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP P85 Ver. 01.23 07/18/2018
Motherboard: HP 8231
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 78%
Total physical RAM: 16279.75 MB
Available physical RAM: 3488 MB
Total Virtual: 35070.9 MB
Available Virtual: 4243.02 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:456.44 GB) (Free:39.84 GB) (Model: Samsung SSD 860 EVO M.2 500GB) NTFS
Drive d: (ProDisk II) (Fixed) (Total:931.5 GB) (Free:14.55 GB) (Model: WDC WD10JFCX-68N6GN0) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:7.87 GB) (Free:7.85 GB) (Model: Samsung SSD 860 EVO M.2 500GB) FAT32
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:37.85 GB) (Model: WDC WD10JFCX-68N6GN0) FAT32

\\?\Volume{cb796dc7-0bc6-4a69-a971-345117323ae4}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.17 GB) NTFS
\\?\Volume{4da5b32f-2de3-41b7-9586-92e24a9b437e}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 459B2DC9)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Podezření na nekalé živly v PC

Napsal: 18 lis 2022 21:52
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 00:27
od krysarr
Stejně jako minule (před nějakou dobou jsem zde řešil podobný problém) se program AdwCleaner chová jinak, než popisujete. :-o
Místo "Clean and Repair" nabízí "Basic Repair" a log se objeví i bez restartu.
Tak nevím, zda to dělám dobře. :-.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-19-2022
# Duration: 00:00:04
# OS: Windows 10 (Build 19044.2130)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1322 octets] - [29/09/2018 20:12:15]
AdwCleaner[C00].txt - [1468 octets] - [29/09/2018 20:12:50]
AdwCleaner[S01].txt - [1435 octets] - [17/03/2019 14:56:12]
AdwCleaner[C01].txt - [1601 octets] - [17/03/2019 14:58:20]
AdwCleaner[S02].txt - [1494 octets] - [17/03/2019 15:08:06]
AdwCleaner_Debug.log - [210134 octets] - [16/11/2019 20:47:42]
AdwCleaner[S03].txt - [6812 octets] - [16/11/2019 20:48:15]
AdwCleaner[S04].txt - [6873 octets] - [16/11/2019 21:12:12]
AdwCleaner[C04].txt - [7606 octets] - [16/11/2019 21:12:50]
AdwCleaner[S05].txt - [2127 octets] - [18/04/2020 17:06:18]
AdwCleaner[C05].txt - [2341 octets] - [18/04/2020 17:07:10]
AdwCleaner[S06].txt - [2080 octets] - [07/06/2020 16:44:06]
AdwCleaner[C06].txt - [2270 octets] - [07/06/2020 16:46:19]
AdwCleaner[S07].txt - [2202 octets] - [06/09/2020 20:44:01]
AdwCleaner[S08].txt - [2263 octets] - [06/09/2020 20:48:37]
AdwCleaner[S09].txt - [2324 octets] - [22/12/2020 18:21:46]
AdwCleaner[C09].txt - [2514 octets] - [22/12/2020 18:24:20]
AdwCleaner[S10].txt - [2446 octets] - [26/07/2021 19:04:29]
AdwCleaner[C10].txt - [2636 octets] - [26/07/2021 20:20:51]
AdwCleaner[S11].txt - [2568 octets] - [21/11/2021 12:27:20]
AdwCleaner[C11].txt - [2758 octets] - [21/11/2021 12:27:30]
AdwCleaner[S12].txt - [2704 octets] - [19/11/2022 00:19:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C12].txt ##########

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 11:25
od Rudy
Log se objeví bez restartu jen tehdy, pokud restart není třeba. Ve vašem případě je log OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\1_PPhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\PPhp1020.DLL:$CmdTcID [64]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (No File)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D} - System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F} - System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}
C:\DumpStack.log.tmp
C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

EmptyTemp:
End
Uložte do D:\SOFTWARE\FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 12:09
od krysarr
Opět to proběhlo jinak. :-o
Čištění nastalo, restart také, ale log se neobjevil a není ani ve složce FRST. :-.

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 12:27
od Rudy
Máte asi nějaký divný Windows :D . No nic, dejte tedy nový log FRST, budu to muset projít, zda tam něco nezbylo.

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 13:01
od krysarr
Aha, tak jsem spustil FRST a log se objevil. :D :D

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by fbart (19-11-2022 11:53:18) Run:17
Running from D:\SOFTWARE\FRST
Loaded Profiles: fbart
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\1_PPhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spool\prtprocs\x64\PPhp1020.DLL:$CmdTcID [64]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {335888FE-842D-43FA-9F1E-973E8FA2F4E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (No File)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {4CD52400-C75D-42D4-87D7-47FD9001B222} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {A7577C0C-6E6F-455B-B904-811FCEC6C4A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D} - System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
Task: {6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F} - System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-13] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}
C:\DumpStack.log.tmp
C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

EmptyTemp:
End
*****************

C:\WINDOWS\system32\DextUVCB_x64.ax => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ZLhp1020.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ZSHP1020.EXE => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DextUVCB.ax => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\SPUVCBv64.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\spool\prtprocs\x64\1_PPhp1020.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\spool\prtprocs\x64\PPhp1020.DLL => ":$CmdTcID" ADS could not remove.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{335888FE-842D-43FA-9F1E-973E8FA2F4E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{335888FE-842D-43FA-9F1E-973E8FA2F4E4}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CD52400-C75D-42D4-87D7-47FD9001B222}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CD52400-C75D-42D4-87D7-47FD9001B222}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CD52400-C75D-42D4-87D7-47FD9001B222}" => not found
"C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7577C0C-6E6F-455B-B904-811FCEC6C4A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7577C0C-6E6F-455B-B904-811FCEC6C4A0}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Product Configurator" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1BB5C1E-89C5-4735-83AF-816B7F0FCD4D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EC8B7E2-E1D6-4D97-A743-AB1D424B0C9F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{C9B41F03-CE97-46FC-9A53-217B962DE78D}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{879116B2-1160-4F59-8641-0C214FB783CA}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\fbart\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 139735684 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 11968 B
Windows/system/drivers => 4536428 B
Edge => 0 B
Chrome => 0 B
Firefox => 1197291548 B
Opera => 81012050 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 247004 B
NetworkService => 249802 B
fbart => 62323090 B

RecycleBin => 18286185 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-11-2022 12:59:56)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:00:01 ====

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 14:50
od Rudy
Teď je to OK. Nastala nějaká změna?

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 18:33
od krysarr
Zatím šlape jak hodinky, díky! :)

Re: Podezření na nekalé živly v PC

Napsal: 19 lis 2022 18:49
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz