Popup virus

Posted: 09 Feb 2023 21:39
by Mr.Moon
Hello, a problem with a popup virus in Opera has appeared on my PC and I don't know what to do about it.
I am sending the log below and asking for help.
Thank you

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by Mr.Moon (administrator) on DESKTOP-NPUD7BO (HP HP ProBook 450 G4) (09-02-2023 21:33:27)
Running from C:\Users\Mr.Moon\Desktop
Loaded Profiles: Mr.Moon
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Mr.Moon\AppData\Local\Programs\Opera\95.0.4635.37_0\opera_autoupdate.exe <2>
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mr.Moon\AppData\Local\Microsoft\OneDrive\23.011.0115.0009\Microsoft.SharePoint.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.3DBuilder_20.0.3.0_x64__8wekyb3d8bbwe\Builder3D.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21318.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21318.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(winlogon.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [225248 2019-10-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-11-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [utweb] => C:\Users\Mr.Moon\AppData\Roaming\uTorrent Web\utweb.exe [5617792 2020-12-01] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [Zoner Photo Studio Autoupdate] => "C:\Users\Mr.Moon\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE" (No File)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [Opera Stable] => C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {1be875f9-60b9-11ec-bc90-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {291e4d01-8079-11ec-bc97-c8d3ffceea71} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {7333d0d9-89ac-11eb-bc6d-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\windows\system32\novamn8.dll [18944 2017-08-16] (Softland) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\windows\system32\602localmon.dll [36864 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-03-21]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-11-16]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2021-03-21]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F93CFB-A63E-4928-A1D3-3FEF5C32BD58} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [687544 2017-08-16] (Softland SRL -> )
Task: {0E081A31-2220-4DD7-AF34-890FD21FE622} - System32\Tasks\DllKitPRO => C:\Program Files (x86)\DllKitPRO\dllkitpro.exe start (No File)
Task: {1AED1D44-B8F7-4E37-ADDB-4D487C273A52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {21B44A73-09A8-415E-9C73-9827E10D3165} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [File not signed]
Task: {2524EC0E-425E-404A-8528-3AAD4233DED6} - System32\Tasks\pCon.update DataClient (Mr.Moon) => C:\Program Files (x86)\EasternGraphics\pCon.update\DataClient\bin\dc.exe [2369840 2014-10-09] (EasternGraphics GmbH -> EasternGraphics GmbH)
Task: {463EAA14-060A-42CB-AA34-F3972032A11C} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {5D659CCA-F194-41CA-892D-E362190BD10F} - System32\Tasks\{523C9502-07C9-4D95-BD39-FBF3CA50DE96} => C:\WINDOWS\system32\pcalua.exe -a "H:\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "H:\games\Warcraft III 1.24.4"
Task: {62A7092E-F5A9-4D9E-8A87-7983F0424E37} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {655F6F98-F59C-4D86-B1BF-6C95AF61E88E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {658CC622-28D8-47E7-9750-FAF32B9B303E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {65FD24C3-1D64-434B-999A-C7C2E51DB714} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {727E8868-54AF-481B-AC35-5A29EF4697EC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [715744 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AD9D03E-CE4C-4DB0-957F-1C68B8E53F22} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {7CA79BAB-829C-4275-BF9C-E3362685FB4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {7E78516A-F814-45DB-8FCA-5FD933D75321} - System32\Tasks\CCleanerSkipUAC - Mr.Moon => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {803C5FF4-9A82-400E-B619-80DA2AF3A986} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {813572DB-9805-4BE7-A142-C7F97B6D2D3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A683C5CC-1526-4C4D-A4FC-C5FC268FEDE8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6B655F7-3344-4CA9-976A-590E6E60DB76} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9AB0F59-30B2-4C9C-B63A-A464F4A37C4F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
Task: {AE290EBB-2275-4B36-8A28-A42DD7314E80} - System32\Tasks\Thuhaent Reports => C:\Program Files (x86)\Ckudalycotaied\coerheght.exe dd5f483f-22ba-4fe2-8731-37dce570a7c0 (No File)
Task: {B6D0A447-368C-488C-A0CF-1E075E976F58} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [1286144 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BE729E7E-ED7D-4120-B5B9-497A96FBB95A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C2586D29-12F5-41D8-AC84-BC68EFAAC805} - System32\Tasks\Opera scheduled Autoupdate 1675974763 => C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
Task: {CCC0CD41-79D5-4470-8655-050F46813CA7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-31] (Avast Software s.r.o. -> Avast Software)
Task: {CD680D71-6095-48DA-9A99-074659A43730} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {D365EE47-5E0B-4BFD-B554-935D035F9A75} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7865719a-0b92-450b-8023-026ab5e0a8c2" --version "6.08.10255" --silent
Task: {D3C65CC6-E22E-4B01-9215-1F706FACCC92} - System32\Tasks\{BB1F8A39-41B8-40F4-B1AC-45CE6088176A} => C:\WINDOWS\system32\pcalua.exe -a "D:\Mr.Moon\hry\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "D:\Mr.Moon\hry\games\Warcraft III 1.24.4"
Task: {D41E5BC5-0000-4967-A341-323C5CBE770D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {D939445E-0B3C-4CFB-AAE3-941F253D1A55} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. -> )
Task: {F0DE5D4A-D04D-4195-8551-56F1827ECD84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {F582EAD5-8902-4AD0-926B-1867A0DEDD26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\pCon.update DataClient (Mr.Moon).job => C:\Program Files (x86)\EasternGraphics\pCon.update\DataClient\bin\dc.exe-tray_modeDESKTOP-NPUD7BO\Mr.MoonnAutomatically created task for pCon.update.Please do not change this taskmanually, use pCon.upd

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{5f4b3815-d773-4ae4-8886-bfbf1114f62a}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Mr.Moon\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-22]

FireFox:
========
FF DefaultProfile: 0j8jzqcd.default
FF ProfilePath: C:\Users\Mr.Moon\AppData\Roaming\Firefox\Firefox\Profiles\0j8jzqcd.default [2017-05-10] <==== ATTENTION
FF Homepage: Firefox\Firefox\Profiles\0j8jzqcd.default -> about:home
FF NewTab: Firefox\Firefox\Profiles\0j8jzqcd.default -> about:newtab
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Mr.Moon\AppData\Roaming\Firefox\Firefox\Profiles\0j8jzqcd.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-05-09] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] () [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2023-02-09] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://badoo.com
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-09]
CHR Extension: (HP Network Check Launcher) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-11-03]
CHR HKU\S-1-5-21-2855870008-473113554-853457262-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

Opera:
=======
OPR Profile: C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable [2023-02-09]
OPR DownloadDir: D:\
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-29]
OPR Extension: (Opera Wallet) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DpHost; C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [524736 2016-08-24] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-11-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-10-02] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [53176 2017-08-16] (Softland SRL -> Microsoft)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28760 2019-11-29] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695504 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-17] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2019-06-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-09 21:32 - 2023-02-09 21:32 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1675974763
2023-02-09 21:32 - 2023-02-09 21:32 - 000001520 ____C C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-09 21:31 - 2023-02-09 21:31 - 002862960 _____ (Opera Software) C:\Users\Mr.Moon\Downloads\OperaSetup (1).exe
2023-02-09 21:28 - 2023-02-09 21:28 - 000000000 ___HD C:\$AV_ASW
2023-02-09 21:24 - 2023-02-09 21:34 - 000037536 ____C C:\Users\Mr.Moon\Desktop\FRST.txt
2023-02-09 21:11 - 2023-02-09 21:33 - 000000000 ____D C:\FRST
2023-02-09 21:10 - 2023-02-09 21:10 - 002378240 _____ (Farbar) C:\Users\Mr.Moon\Desktop\FRST64.exe
2023-02-09 21:09 - 2023-02-09 21:09 - 002080256 _____ (Farbar) C:\Users\Mr.Moon\Downloads\FRST (1).exe
2023-02-09 21:08 - 2023-02-09 21:09 - 002080256 _____ (Farbar) C:\Users\Mr.Moon\Desktop\FRST.exe
2023-02-09 21:01 - 2023-02-09 21:02 - 002862960 _____ (Opera Software) C:\Users\Mr.Moon\Downloads\OperaSetup.exe
2023-01-21 01:12 - 2023-02-04 16:34 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-14 10:00 - 2023-01-14 10:00 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-09 21:11 - 2017-01-10 18:13 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-09 21:00 - 2017-01-09 17:47 - 000000000 ____D C:\Program Files (x86)\Opera
2023-02-09 20:57 - 2017-05-05 21:03 - 000000000 ____D C:\Program Files\CCleaner
2023-02-09 20:40 - 2021-01-18 20:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-09 18:26 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-09 17:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-09 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-09 17:11 - 2021-01-18 20:19 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-09 17:10 - 2021-01-18 20:19 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-09 17:10 - 2021-01-18 20:19 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-09 17:10 - 2017-01-10 18:13 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-09 17:09 - 2017-10-21 16:29 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\AVAST Software
2023-02-09 17:09 - 2017-01-09 11:37 - 000000000 ___RD C:\Users\Mr.Moon\OneDrive
2023-02-09 17:08 - 2017-01-09 11:35 - 000000000 __SHD C:\Users\Mr.Moon\IntelGraphicsProfiles
2023-02-07 23:03 - 2017-09-26 20:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-07 22:49 - 2022-09-22 11:36 - 000003044 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-07 22:49 - 2022-09-22 11:36 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-07 22:49 - 2021-12-12 14:14 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2855870008-473113554-853457262-1002
2023-02-07 22:49 - 2021-08-22 19:12 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Mr.Moon
2023-02-07 22:49 - 2021-01-18 20:19 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-07 22:49 - 2021-01-18 20:19 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-02-07 22:49 - 2021-01-18 20:19 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-02-07 22:49 - 2021-01-18 20:19 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-07 22:49 - 2021-01-18 20:19 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2855870008-473113554-853457262-1002
2023-02-07 22:49 - 2021-01-18 20:19 - 000002520 _____ C:\WINDOWS\system32\Tasks\DllKitPRO
2023-02-07 22:49 - 2021-01-18 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2023-02-07 22:25 - 2021-03-18 19:02 - 000000000 ___RD C:\Users\Mr.Moon\Budweis Discgolf Club, z.s
2023-02-04 16:34 - 2020-06-05 23:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-04 16:33 - 2021-01-18 20:11 - 000002436 ____C C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-01 19:58 - 2021-03-21 11:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-01 19:58 - 2017-01-14 14:29 - 000695504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-01-31 19:56 - 2022-10-29 18:43 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-31 19:56 - 2022-10-29 18:43 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-24 22:38 - 2019-06-23 17:17 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\BitTorrentHelper
2023-01-24 22:38 - 2017-05-05 15:25 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Roaming\uTorrent
2023-01-24 22:35 - 2022-01-24 21:39 - 000000000 ____D C:\Users\Mr.Moon\AppData\Roaming\vlc
2023-01-24 22:12 - 2020-12-24 00:06 - 000000000 ___DC C:\Users\Mr.Moon\AppData\LocalLow\uTorrent
2023-01-22 16:35 - 2016-11-16 16:26 - 000000000 ____D C:\ProgramData\HP
2023-01-22 16:35 - 2016-09-02 09:01 - 000000000 ____D C:\Program Files\HP
2023-01-22 16:30 - 2020-09-30 20:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-22 16:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-22 15:27 - 2021-03-21 14:45 - 000000000 ___DC C:\Users\Mr.Moon\Desktop\Křemže
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Roaming\Graphisoft
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\Graphisoft
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ____D C:\Users\Mr.Moon\Graphisoft
2023-01-21 01:09 - 2021-01-18 20:15 - 001841486 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-21 01:09 - 2019-12-07 15:41 - 000766654 _____ C:\WINDOWS\system32\perfh005.dat
2023-01-21 01:09 - 2019-12-07 15:41 - 000170398 _____ C:\WINDOWS\system32\perfc005.dat
2023-01-21 01:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-21 01:02 - 2017-01-14 14:27 - 000000000 ____D C:\ProgramData\AVAST Software
2023-01-21 01:01 - 2021-01-18 20:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 01:01 - 2021-01-18 20:08 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 01:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-21 01:01 - 2017-09-26 20:52 - 000000000 ____D C:\ProgramData\Synaptics
2023-01-21 01:01 - 2016-11-16 16:19 - 000000000 ___DC C:\Intel
2023-01-15 21:05 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-15 21:04 - 2021-01-18 20:08 - 000499456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-15 21:04 - 2017-03-09 12:47 - 000000000 ____D C:\Program Files\WinRAR
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-15 19:13 - 2018-08-14 09:34 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\D3DSCache
2023-01-15 19:07 - 2021-01-18 20:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-14 10:00 - 2017-01-11 13:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-14 09:37 - 2017-01-10 19:57 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2014-07-10 07:16 - 2014-07-10 07:16 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2019-10-16 12:04 - 2019-10-16 12:04 - 000000218 _____ () C:\Users\Mr.Moon\AppData\Local\recently-used.xbel
2018-03-29 20:51 - 2018-03-29 20:51 - 000000000 ____C () C:\Users\Mr.Moon\AppData\Local\{AB9A71B7-5220-47BF-88CB-9C023A673E5D}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Popup virus

Posted: 09 Feb 2023 21:56
by Rudy
Hello!
Run this utility:


Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP, just launch it with a double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Popup virus

Posted: 13 Feb 2023 20:17
by Mr.Moon
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-13-2023
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.2486)
# Cleaned: 38
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Insist
Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Mr.Moon\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Mr.Moon\AppData\Roaming\Firefox
Deleted C:\Users\Mr.Moon\AppData\Roaming\Lavasoft\Web Companion
Deleted C:\Users\Mr.Moon\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\Public\Documents\report.dat
Deleted C:\Users\Public\Documents\temp.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\ADC0E0D1B3B66C7DE6BE216AD908E4E0
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\ADC0E0D1B3B66C7DE6BE216AD908E4E0
Deleted HKLM\Software\InterSect Alliance
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
Deleted HKLM\Software\Wow6432Node\ADC0E0D1B3B66C7DE6BE216AD908E4E0
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72e636e0-c563-400f-a778-dd726807eb1f}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72e636e0-c563-400f-a778-dd726807eb1f}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72e636e0-c563-400f-a778-dd726807eb1f}|UninstallString
Deleted HKLM\System\Setup\FirstBoot\Services\WCAssistantService
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8436 octets] - [13/02/2023 20:11:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Popup virus

Posted: 13 Feb 2023 20:58
by Rudy
OK. Post new FRST + Addition logs.

Re: Popup virus

Posted: 14 Feb 2023 20:16
by Mr.Moon
On my end it seems to be OK.... ?

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
Ran by Mr.Moon (14-02-2023 20:12:44)
Running from C:\Users\Mr.Moon\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) (2021-01-18 19:20:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2855870008-473113554-853457262-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2855870008-473113554-853457262-503 - Limited - Disabled)
Guest (S-1-5-21-2855870008-473113554-853457262-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855870008-473113554-853457262-1005 - Limited - Enabled)
Mr.Moon (S-1-5-21-2855870008-473113554-853457262-1002 - Administrator - Enabled) => C:\Users\Mr.Moon
WDAGUtilityAccount (S-1-5-21-2855870008-473113554-853457262-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aiseesoft Total Video Converter 9.2.56 (HKLM-x32\...\{E09CEBAA-4435-4404-8D82-4C029F6391E4}_is1) (Version: 9.2.56 - Aiseesoft Studio)
Akamai NetSession Interface (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 6.1.3 (HKLM-x32\...\Any Video Converter) (Version: 6.1.3 - Anvsoft)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{ebb1b402-cb45-43ea-bce4-ea5eaa2580b9}) (Version: 21.10.0 - Intel Corporation)
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.16026.20146 - Microsoft Corporation)
ArchiCAD 16 CZE (HKLM\...\001FFF2FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
ARCHICAD 23 Goodies Suite R1 CZE (HKLM\...\Goodies 23.0 CZE FULL R1 1) (Version: 23.0.0.3003 - GRAPHISOFT SE)
ARCHICAD 23 R1 CZE (HKLM\...\ARCHICAD 23.0 CZE FULL R1 1) (Version: 23.0.0.3003 - GRAPHISOFT SE)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
CodeMeter Runtime Kit v6.80 (HKLM\...\{8F3C9680-6728-4AD2-992D-9615C0DA06C0}) (Version: 6.80.3312.500 - WIBU-SYSTEMS AG)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.239.70 - Conexant)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6722 - CyberLink Corp.)
doPDF (HKLM\...\{F64C7477-8040-4993-9554-EC22AE7FA2C0}) (Version: 8.9.951 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{3e04b5b8-dfc4-4bb3-99a1-a57ad01e1d55}) (Version: 8.9.951 - Softland)
doPDF 8 (HKLM-x32\...\{d60f1f61-f188-4d19-b6ba-318807183789}) (Version: 8.8.947 - Softland)
downloadhotfile.com Free Image Converter (HKLM-x32\...\downloadhotfile.com Free Image Converter_is1) (Version: - downloadhotfile.com)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.100 - EasternGraphics)
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.77 - Google LLC)
GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 23.0 GEN FULL R1 1) (Version: 2019.2.2328.0 - GRAPHISOFT SE)
GRAPHISOFT License Manager Tool (HKLM\...\License Manager Tool 20.0 INT FULL R1 1) (Version: 20.0.0.4800 - GRAPHISOFT SE)
Hi-Rez Studios Games (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Client Security Manager (HKLM\...\{2E1A694B-79B5-4BBC-83BC-659BDEA51B9D}) (Version: 9.0.1.2128 - HP Inc.) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.0.1.2128 - HP Inc.)
HP Device Access Manager (HKLM\...\{766ED263-4CA0-4D2F-9FA8-717827F718D6}) (Version: 8.3.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{872897C1-CDCD-4466-82AA-5483BCCF09C7}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B0D5BCD0-8DFB-48A3-9BDF-4E183159E420}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{C0407127-4831-47CD-8A7A-E5ED7A2D398B}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{FC292FE3-B7B0-492C-BC2E-C0DFCA30FC92}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{39404020-C431-4331-9241-62956555DA49}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3efaef38-ee9e-4421-bea3-e0a4d835d3f4}) (Version: 5.1.20088 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{C5AD7A64-6DDF-482A-8E7D-FA1DED0A201A}) (Version: 5.1.20088 - HP Inc.) Hidden
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.2 - HP)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.3.1 - HP INC)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{C7CC96C7-C99C-40DD-BB6B-C7BFC2899979}) (Version: 10.1.17809.8096 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{00176A23-1A4E-4429-817E-44B40D9EF692}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{650FF4FD-69E7-4AA4-9F46-6B7DFC8489F7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{1535E647-D354-4775-9EE8-FD9E8ED0701A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{06886E89-6E1B-4DD9-87F9-B9E25F63D74F}) (Version: 15.2.3.1031 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.3.1031 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9F1AF949-EE77-4767-B771-1869DB586422}) (Version: 19.30.1649.0953 - Intel Corporation)
Intel(R) Wireless Manageability Driver (HKLM\...\{28C2C4DE-AAF6-424D-B018-5142729E1C67}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Manageability Driver Extension (HKLM\...\{03C415A8-0861-4BB7-8857-27089E6C298A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bd366c5e-00cd-46ed-b647-0b9874f32140}) (Version: 10.1.17809.8096 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{0DD553C6-5E1A-4F52-889D-00AD0854F863}) (Version: 21.10.0.3096 - Intel Corporation) Hidden
Java 8 Update 333 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Kodi) (Version: - XBMC-Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 4.5.22.236 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.22.236 - Malwarebytes)
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\OneDriveSetup.exe) (Version: 23.020.0125.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.11.25325 (HKLM\...\{B13B3E11-1555-353F-A63A-8933EE104FBD}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.11.25325 (HKLM\...\{B0037450-526D-3448-A370-CACBD87769A0}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{9F60F614-829C-4DE0-8671-C977529A0CAE}) (Version: 8.9.951 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{D175C46B-DDC1-49B2-95C4-93825A97E718}) (Version: 8.9.951 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{C5275556-5365-45C5-9586-1F6D56CD4BB4}) (Version: 8.9.951 - Softland)
NVIDIA Ovladače grafiky 516.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.69 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
Opera Stable 95.0.4635.37 (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Opera 95.0.4635.37) (Version: 95.0.4635.37 - Opera Software)
pCon.planner ME (HKLM-x32\...\{81C6067F-C199-48DA-B146-83BACD756321}) (Version: 7.0.0.101 - EasternGraphics)
pCon.update DataClient 1.8.2 Patch 3 (HKLM-x32\...\{554EA232-0BF1-4248-B474-07FB0EF7F9CF}) (Version: 1.8.2.103 - EasternGraphics) Hidden
pCon.update DataClient 1.8.2 Patch 3 (HKLM-x32\...\pCon.update DataClient) (Version: 1.8.2.103 - EasternGraphics)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.148 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Skype for Business Basic 2016 - en-us (HKLM\...\SkypeforBusinessEntryRetail - en-us) (Version: 16.0.16026.20146 - Microsoft Corporation)
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.8.32 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{2EB365E9-44C2-4501-AC32-2535B29A7FDE}) (Version: 4.5.338.0 - Synaptics)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
TZB modelár AC23 R1 CZE (HKLM\...\ARCHICAD MEP Add-On 23.0 CZE FULL R1 1) (Version: 23.0.0.3003 - GRAPHISOFT SE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
uTorrent Web (HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\utweb) (Version: 1.1.2 - BitTorrent, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
XnViewMP 0.98.4 (HKLM\...\XnViewMP_is1) (Version: 0.98.4 - Gougelet Pierre-e)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2023-01-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-22] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-04-02] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-02] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2855870008-473113554-853457262-1002_Classes\CLSID\{04271989-C4D2-858D-75A1-086687E6BE6F} -> [Budweis Discgolf Club, z.s] => C:\Users\Mr.Moon\Budweis Discgolf Club, z.s [2021-03-18 19:02]
CustomCLSID: HKU\S-1-5-21-2855870008-473113554-853457262-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mr.Moon\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2855870008-473113554-853457262-1002_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-01-02] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-07-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
ShortcutWithArgument: C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) =============

2023-01-02 10:47 - 2023-01-02 10:47 - 000122368 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\7fddf0feec7e99896c1e5a6cf1927a1b\BRIDGECommon.ni.dll
2023-01-02 10:48 - 2023-01-02 10:48 - 000113152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\ce7a2bdda4ab4126b61cac38931c0d87\BridgeExtension.ni.dll
2022-01-24 00:19 - 2019-04-22 15:50 - 001370112 _____ (Conexant Systems LLC.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2016-08-24 18:45 - 2016-08-24 18:45 - 000382464 _____ (Crossmatch, Inc.) [File not signed] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2016-08-24 18:43 - 2016-08-24 18:43 - 000337920 _____ (Crossmatch, Inc.) [File not signed] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2016-08-24 18:46 - 2016-08-24 18:46 - 000456192 _____ (Crossmatch, Inc.) [File not signed] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2013-01-23 23:03 - 2013-01-23 23:03 - 000113496 _____ (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\CaslShared.dll
2013-01-23 23:03 - 2013-01-23 23:03 - 000092504 _____ (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\hpcasl.dll
2013-03-26 21:12 - 2013-03-26 21:12 - 000056832 _____ (Hewlett-Packard Development Company, L.P.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HP.Mobile.Shared.dll
2016-08-24 18:09 - 2016-08-24 18:09 - 000220160 _____ (RFIDeas) [File not signed] C:\Program Files\HP\HP ProtectTools Security Manager\Bin\pcProxAPI.dll
2022-01-23 15:55 - 2020-03-04 17:16 - 001431552 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2017-08-16 13:15 - 2017-08-16 13:15 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll
2017-10-23 19:15 - 2015-07-14 11:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-01-10] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\ssv.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\jp2ssv.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-01-10] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\sharepoint.com -> hxxps://discgolfcb-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-01-05 00:42 - 000000769 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2855870008-473113554-853457262-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Mr.Moon\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{de29e945-9597-41f6-9bc0-9ed4db73ed2b}.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B344C037-3AD5-4C0E-82E9-35D1BD54C745}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{E35F2E31-2D89-487F-9379-8F04722A04D9}C:\program files\graphisoft\archicad 16\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 16\licensefilegenerator.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{F44998A4-61C2-4E98-B1EE-01E5211721B0}C:\program files\graphisoft\archicad 16\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 16\licensefilegenerator.exe (Graphisoft SE) [File not signed]
FirewallRules: [{B2F204C1-49EF-41F6-8EC6-5377E0BD79E2}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{E23839F9-9B05-4A2E-99B7-C5A975808A53}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{549F409D-9B27-4CE6-9830-1F7E0EC91958}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{9D6A03E7-149B-47F7-9BD3-E1101E747355}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{B6176517-924A-485F-9F3B-CC7D7919F4B6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{A751A77F-09EC-42F9-A7B3-43FF81503918}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{7E246655-5DE0-4BD0-B13F-E51CDF7A4E8D}] => (Allow) LPort=8501
FirewallRules: [{5C965D92-A274-43E9-B08F-CDFAFE7D9578}] => (Allow) LPort=8501
FirewallRules: [UDP Query User{1D0127EC-084C-4052-A632-762E56D4B491}D:\mr.moon\hry\games\warcraft iii 1.24.4\war3.exe] => (Block) D:\mr.moon\hry\games\warcraft iii 1.24.4\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{71DE31FA-A031-4A54-B487-49DAE45FC8EB}D:\mr.moon\hry\games\warcraft iii 1.24.4\war3.exe] => (Block) D:\mr.moon\hry\games\warcraft iii 1.24.4\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{3065A6F1-B139-4956-AFF4-5B1BCD4D3AFD}H:\games\warcraft iii 1.24.4\war3.exe] => (Allow) H:\games\warcraft iii 1.24.4\war3.exe => No File
FirewallRules: [TCP Query User{D1B95E1E-8C89-4D05-982D-BD218B147D0C}H:\games\warcraft iii 1.24.4\war3.exe] => (Allow) H:\games\warcraft iii 1.24.4\war3.exe => No File
FirewallRules: [{DE61AB0D-6F6F-4EEA-A6B4-4F491607F4F0}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6A68A78F-8648-42B3-8CD9-5678599E33FD}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AC92156B-EA3D-4673-B57E-825F8C71936C}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{599398A9-216C-4A0B-BD03-06CCE72461B3}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6F2ABEC5-1223-4D80-90AE-6B55F8B14756}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A1865C4-06C1-4C53-9743-1ACC41D9CA20}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ACC04BC1-A965-417C-BB02-6FE711C19F8F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{34A8FC4F-3AD5-4FCA-A1D1-A40B8E4048CB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{20AC8B10-B3DE-4E41-AF4F-E6D8BD66EAAD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C99C296A-3499-4F1F-BF69-0FBCABE44FC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{05E89346-EF4A-436D-A511-0F64240334D8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{6C5AD390-A115-4054-BBC2-ECD17351C01D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{1E97EDFA-41C0-4B23-90B5-7F7550333A48}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{FC89D26D-CC7B-4E2C-96D9-554731B1F4AD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{FE4E0B16-4B82-4A3B-8C64-8E1BD3A77D55}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [UDP Query User{D6E5F161-EF8F-4B52-98B2-7EA0E84456A4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe => No File
FirewallRules: [{C2EE5572-087E-4651-B3EB-200BAC23A2B6}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{9D1011E0-635B-46BD-BCD7-6FD63A7E3B8B}] => (Allow) C:\Users\Mr.Moon\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{077CA15D-5C4B-48E5-A6EF-863813F59FBA}C:\users\mr.moon\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\mr.moon\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [UDP Query User{AE85C399-09F8-46F5-80A0-0B796CB32A3E}C:\users\mr.moon\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\mr.moon\appdata\roaming\utorrent web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{8537EFD9-B3E1-4A82-A7C1-96CC663C315A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51201C49-EE54-4FA7-8958-E0CA856170B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A77CC712-4518-4886-9CFB-D7924A1CFABE}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 23\ARCHICAD.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{3B6F887F-1575-4AA8-ADA5-DB62A4F14F83}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 23\ARCHICAD Starter.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{C0C64277-62CA-4DBA-8316-EA4DCF5D529A}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 23\CineRender\CineRenderNEM.exe (MAXON Computer GmbH -> MAXON Computer GmbH)
FirewallRules: [{CD3A4FDA-6A98-4521-8365-D3E24D667AA1}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 23\BIMxUploader.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{84C7714F-7665-4633-88B0-9F08D01584CE}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 23\OverwatchServer.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{D3E0E303-C50A-4B19-BBAD-0F78D7335792}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{E0EC93DA-1261-4D89-AE5D-BBD8BDCC1BA5}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{CE346013-1FF9-49A3-8A96-AA9E8D06C58F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{30A3386D-1562-4352-86FA-35F27BD899DF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C182720D-4BDA-43BF-BB3A-2E8660959656}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB2FFA86-F62A-4264-80FC-8826563AF8A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04BAB891-ACBF-4542-8364-4BB647F4C2AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A959C7DE-23AF-458F-AD67-27BAAD31F7EB}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7EFB2377-C568-4F62-B132-D81C852A5F21}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{893EBD6D-A7C9-40C0-923F-C15B5A8EA6DC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EED5E5BC-ED3C-4929-847F-EDF13111E1E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

09-02-2023 19:11:26 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/13/2023 08:16:52 PM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider)
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault()
at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor()
at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/13/2023 08:16:07 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Registrace certifikátu SCEP pro WORKGROUP\DESKTOP-NPUD7BO$ přes https://IFX-KeyId-9c7df5a91c3d49bbe7378 ... s/Aik/scep se nepovedla:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Mon, 13 Feb 2023 19:16:07 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7b2e9b7d-6022-4aec-83b5-92ea1dad35b8

Metoda: POST(7125ms)
Fáze: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (02/13/2023 08:13:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: SyncController.dll, verze: 10.0.19041.746, časové razítko: 0x2aa6ba67
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003d3bc
ID chybujícího procesu: 0x1008
Čas spuštění chybující aplikace: 0x01d93fd65904cf28
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\SyncController.dll
ID zprávy: 11692ea9-4b71-49f5-9466-14d120521102
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/13/2023 07:09:52 PM) (Source: HPTouchpointAnalyticsService) (EventID: 0) (User: )
Description: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object.
at HP.TouchpointAnalyticsClient.Commons.Utils.HpsaUtils.get_HpsaVersion()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.DefaultAccountNameProvider.get_Hpsa()
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.FindAccountName(IAccountNameProvider nameProvider)
at HP.TouchpointAnalyticsClient.Commons.Objects.Unit.CreateDefault()
at HP.TouchpointAnalyticsClient.Service.ClientScheduler..ctor()
at HP.TouchpointAnalyticsClient.Service.TouchpointAnalyticsClientService.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/13/2023 07:09:05 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Registrace certifikátu SCEP pro WORKGROUP\DESKTOP-NPUD7BO$ přes https://IFX-KeyId-9c7df5a91c3d49bbe7378 ... s/Aik/scep se nepovedla:

SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Mon, 13 Feb 2023 18:09:05 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f762e6d7-0a0e-48d3-94ad-3459b869e9f2

Metoda: POST(3063ms)
Fáze: SubmitDone
Chybná žádost (400) 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)

Error: (02/13/2023 07:07:04 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/13/2023 07:07:04 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/13/2023 07:07:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (02/14/2023 08:14:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:11:58 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:11:34 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:11:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:10:15 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:10:12 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:09:33 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/14/2023 08:09:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.


CodeIntegrity:
===============
Date: 2023-02-14 20:10:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-02-14 20:08:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-02-14 20:08:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: HP P85 Ver. 01.35 07/14/2020
Motherboard: HP 8231
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 8083.75 MB
Available physical RAM: 3866.29 MB
Total Virtual: 9491.75 MB
Available Virtual: 4452.29 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:115.8 GB) (Free:8.77 GB) (Model: SAMSUNG MZNTY128HDHP-000H1) NTFS
Drive d: (DATADRIVE0) (Fixed) (Total:931.39 GB) (Free:293.82 GB) (Model: TOSHIBA MQ01ABD100) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) (Model: SAMSUNG MZNTY128HDHP-000H1) FAT32
Drive f: (THE_FORCE_AWAKENS) (CDROM) (Total:7.05 GB) (Free:0 GB) UDF

\\?\Volume{9f8328ee-4e74-4bf3-8a0e-6d505b3db78b}\ () (Fixed) (Total:0.96 GB) (Free:0.18 GB) NTFS
\\?\Volume{146b9a2b-751e-4f23-ad4c-72482e958cbb}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4D5962CF)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: A4776A55)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Popup virus

Posted: 14 Feb 2023 21:11
by Rudy
Where is the FRST log? Without it we can't finish the cleanup.

Re: Popup virus

Posted: 14 Feb 2023 21:27
by Mr.Moon
Sorry, wrong window.
Here it is again:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by Mr.Moon (administrator) on DESKTOP-NPUD7BO (HP HP ProBook 450 G4) (14-02-2023 20:10:46)
Running from C:\Users\Mr.Moon\Desktop
Loaded Profiles: Mr.Moon
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\Mr.Moon\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Mr.Moon\AppData\Local\Microsoft\OneDrive\23.020.0125.0003\Microsoft.SharePoint.exe
(C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Mr.Moon\AppData\Local\Programs\Opera\95.0.4635.37_0\opera_autoupdate.exe <2>
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(C:\Windows\CxSvc\CxAudioSvc.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems LLC.) [File not signed] C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Mr.Moon\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe
(svchost.exe ->) (Synaptics Incorporated -> Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [225248 2019-10-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-11-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [109324536 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [utweb] => C:\Users\Mr.Moon\AppData\Roaming\uTorrent Web\utweb.exe [5617792 2020-12-01] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [Zoner Photo Studio Autoupdate] => "C:\Users\Mr.Moon\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE" (No File)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Run: [Opera Stable] => C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {1be875f9-60b9-11ec-bc90-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {291e4d01-8079-11ec-bc97-c8d3ffceea71} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {7333d0d9-89ac-11eb-bc6d-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\windows\system32\novamn8.dll [18944 2017-08-16] (Softland) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\windows\system32\602localmon.dll [36864 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-03-21]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-11-16]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2021-03-21]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F93CFB-A63E-4928-A1D3-3FEF5C32BD58} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [687544 2017-08-16] (Softland SRL -> )
Task: {1AED1D44-B8F7-4E37-ADDB-4D487C273A52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {21B44A73-09A8-415E-9C73-9827E10D3165} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2018-10-30] (Synaptics Incorporated) [File not signed]
Task: {2524EC0E-425E-404A-8528-3AAD4233DED6} - System32\Tasks\pCon.update DataClient (Mr.Moon) => C:\Program Files (x86)\EasternGraphics\pCon.update\DataClient\bin\dc.exe [2369840 2014-10-09] (EasternGraphics GmbH -> EasternGraphics GmbH)
Task: {463EAA14-060A-42CB-AA34-F3972032A11C} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {5D659CCA-F194-41CA-892D-E362190BD10F} - System32\Tasks\{523C9502-07C9-4D95-BD39-FBF3CA50DE96} => C:\WINDOWS\system32\pcalua.exe -a "H:\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "H:\games\Warcraft III 1.24.4"
Task: {62A7092E-F5A9-4D9E-8A87-7983F0424E37} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {655F6F98-F59C-4D86-B1BF-6C95AF61E88E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {658CC622-28D8-47E7-9750-FAF32B9B303E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {65FD24C3-1D64-434B-999A-C7C2E51DB714} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {727E8868-54AF-481B-AC35-5A29EF4697EC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [715744 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AD9D03E-CE4C-4DB0-957F-1C68B8E53F22} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [5009512 2020-06-13] (Synaptics Incorporated -> Conexant)
Task: {7CA79BAB-829C-4275-BF9C-E3362685FB4C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {7E78516A-F814-45DB-8FCA-5FD933D75321} - System32\Tasks\CCleanerSkipUAC - Mr.Moon => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {803C5FF4-9A82-400E-B619-80DA2AF3A986} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {813572DB-9805-4BE7-A142-C7F97B6D2D3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A683C5CC-1526-4C4D-A4FC-C5FC268FEDE8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6B655F7-3344-4CA9-976A-590E6E60DB76} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9AB0F59-30B2-4C9C-B63A-A464F4A37C4F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
Task: {AE290EBB-2275-4B36-8A28-A42DD7314E80} - System32\Tasks\Thuhaent Reports => C:\Program Files (x86)\Ckudalycotaied\coerheght.exe dd5f483f-22ba-4fe2-8731-37dce570a7c0 (No File)
Task: {B6D0A447-368C-488C-A0CF-1E075E976F58} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [1286144 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BE729E7E-ED7D-4120-B5B9-497A96FBB95A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C2586D29-12F5-41D8-AC84-BC68EFAAC805} - System32\Tasks\Opera scheduled Autoupdate 1675974763 => C:\Users\Mr.Moon\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-08] (Opera Norway AS -> Opera Software)
Task: {CCC0CD41-79D5-4470-8655-050F46813CA7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-31] (Avast Software s.r.o. -> Avast Software)
Task: {CD680D71-6095-48DA-9A99-074659A43730} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {D365EE47-5E0B-4BFD-B554-935D035F9A75} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7865719a-0b92-450b-8023-026ab5e0a8c2" --version "6.08.10255" --silent
Task: {D3C65CC6-E22E-4B01-9215-1F706FACCC92} - System32\Tasks\{BB1F8A39-41B8-40F4-B1AC-45CE6088176A} => C:\WINDOWS\system32\pcalua.exe -a "D:\Mr.Moon\hry\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "D:\Mr.Moon\hry\games\Warcraft III 1.24.4"
Task: {D41E5BC5-0000-4967-A341-323C5CBE770D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {D939445E-0B3C-4CFB-AAE3-941F253D1A55} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [843800 2016-06-02] (HP Inc. -> )
Task: {F0DE5D4A-D04D-4195-8551-56F1827ECD84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {F582EAD5-8902-4AD0-926B-1867A0DEDD26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\pCon.update DataClient (Mr.Moon).job => C:\Program Files (x86)\EasternGraphics\pCon.update\DataClient\bin\dc.exe-tray_modeDESKTOP-NPUD7BO\Mr.MoonnAutomatically created task for pCon.update.Please do not change this taskmanually, use pCon.upd

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{5f4b3815-d773-4ae4-8886-bfbf1114f62a}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Mr.Moon\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-22]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] () [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2023-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2023-02-14] <==== ATTENTION
CHR Notifications: ChromeDefaultData -> hxxps://badoo.com
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-02-13]
CHR Extension: (HP Network Check Launcher) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Mr.Moon\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-02-13]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-2855870008-473113554-853457262-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]

Opera:
=======
OPR Profile: C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable [2023-02-14]
OPR DownloadDir: D:\
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-29]
OPR Extension: (Opera Wallet) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Mr.Moon\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2023-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
S4 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9760664 2018-12-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [96432 2020-09-08] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-06-25] (Conexant Systems LLC.) [File not signed]
R2 DpHost; C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [524736 2016-08-24] (DigitalPersona, Inc. -> Crossmatch, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-11-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-10-02] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company -> Hewlett Packard Enterprise Company)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8967840 2023-02-13] (Malwarebytes Inc. -> Malwarebytes)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [53176 2017-08-16] (Softland SRL -> Microsoft)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-10-02] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695504 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2023-01-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-17] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-27] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-27] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198088 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-02-13] (Malwarebytes Inc. -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2019-06-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-14 20:11 - 2023-02-14 20:11 - 000000000 ___HD C:\$WinREAgent
2023-02-13 20:15 - 2023-02-13 20:15 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-02-13 20:13 - 2023-02-13 20:13 - 000004204 ____C C:\Users\Mr.Moon\Desktop\AdwCleaner[C00].txt
2023-02-13 20:11 - 2023-02-13 20:11 - 000000000 ____D C:\AdwCleaner
2023-02-13 20:10 - 2023-02-13 20:10 - 008791352 _____ (Malwarebytes) C:\Users\Mr.Moon\Desktop\adwcleaner.exe
2023-02-13 19:06 - 2023-02-13 19:06 - 000617381 ____C C:\Users\Mr.Moon\Desktop\txt.txt
2023-02-13 18:49 - 2023-02-13 20:15 - 000000000 ___DC C:\Users\Mr.Moon\AppData\LocalLow\IGDump
2023-02-13 18:47 - 2023-02-13 18:47 - 000000000 ____D C:\Users\Mr.Moon\AppData\Local\mbam
2023-02-13 18:45 - 2023-02-13 18:45 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-02-13 18:45 - 2023-02-13 18:45 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-02-13 18:44 - 2023-02-13 18:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-02-13 18:44 - 2023-02-13 18:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-02-13 18:41 - 2023-02-13 18:41 - 002555248 ____C (Malwarebytes) C:\Users\Mr.Moon\Desktop\MBSetup.exe
2023-02-09 21:34 - 2023-02-09 21:36 - 000056380 ____C C:\Users\Mr.Moon\Desktop\Addition.txt
2023-02-09 21:32 - 2023-02-09 21:32 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1675974763
2023-02-09 21:32 - 2023-02-09 21:32 - 000001520 ____C C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-09 21:31 - 2023-02-09 21:31 - 002862960 _____ (Opera Software) C:\Users\Mr.Moon\Downloads\OperaSetup (1).exe
2023-02-09 21:28 - 2023-02-09 21:28 - 000000000 ___HD C:\$AV_ASW
2023-02-09 21:24 - 2023-02-14 20:11 - 000037884 ____C C:\Users\Mr.Moon\Desktop\FRST.txt
2023-02-09 21:11 - 2023-02-14 20:11 - 000000000 ____D C:\FRST
2023-02-09 21:10 - 2023-02-09 21:10 - 002378240 _____ (Farbar) C:\Users\Mr.Moon\Desktop\FRST64.exe
2023-02-09 21:09 - 2023-02-09 21:09 - 002080256 _____ (Farbar) C:\Users\Mr.Moon\Downloads\FRST (1).exe
2023-02-09 21:08 - 2023-02-09 21:09 - 002080256 _____ (Farbar) C:\Users\Mr.Moon\Desktop\FRST.exe
2023-02-09 21:01 - 2023-02-09 21:02 - 002862960 _____ (Opera Software) C:\Users\Mr.Moon\Downloads\OperaSetup.exe
2023-01-21 01:12 - 2023-02-13 19:17 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-14 20:10 - 2017-05-05 21:03 - 000000000 ____D C:\Program Files\CCleaner
2023-02-14 20:10 - 2017-01-10 18:13 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-14 20:07 - 2021-01-18 20:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-14 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-13 20:18 - 2021-01-18 20:15 - 001841486 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-13 20:18 - 2019-12-07 15:41 - 000766654 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-13 20:18 - 2019-12-07 15:41 - 000170398 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-13 20:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-13 20:16 - 2017-10-21 16:29 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\AVAST Software
2023-02-13 20:15 - 2021-03-18 19:02 - 000000000 ___RD C:\Users\Mr.Moon\Budweis Discgolf Club, z.s
2023-02-13 20:15 - 2017-01-09 11:37 - 000000000 ___RD C:\Users\Mr.Moon\OneDrive
2023-02-13 20:14 - 2021-01-18 20:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-13 20:14 - 2021-01-18 20:08 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-13 20:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-13 20:14 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-13 20:14 - 2018-09-04 17:27 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\CrashDumps
2023-02-13 20:14 - 2017-09-26 20:52 - 000000000 ____D C:\ProgramData\Synaptics
2023-02-13 20:14 - 2017-09-26 20:51 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-13 20:14 - 2017-01-14 14:27 - 000000000 ____D C:\ProgramData\AVAST Software
2023-02-13 20:14 - 2017-01-09 11:35 - 000000000 __SHD C:\Users\Mr.Moon\IntelGraphicsProfiles
2023-02-13 20:14 - 2016-11-16 16:19 - 000000000 ___DC C:\Intel
2023-02-13 20:12 - 2019-03-30 23:29 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\Lavasoft
2023-02-13 20:12 - 2019-03-30 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-02-13 20:12 - 2019-03-30 23:28 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Roaming\Lavasoft
2023-02-13 20:12 - 2019-03-30 23:28 - 000000000 ____D C:\ProgramData\Lavasoft
2023-02-13 20:12 - 2019-03-30 23:28 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-02-13 19:17 - 2020-06-05 23:17 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-13 19:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-13 19:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-13 19:06 - 2021-01-18 20:11 - 000000000 ____D C:\Users\Mr.Moon
2023-02-13 19:05 - 2018-08-14 09:34 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\D3DSCache
2023-02-13 19:03 - 2017-04-27 21:13 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\Mezety
2023-02-13 18:45 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-13 18:41 - 2021-12-12 14:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2855870008-473113554-853457262-1002
2023-02-13 18:41 - 2021-01-18 20:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2855870008-473113554-853457262-1002
2023-02-13 18:41 - 2021-01-18 20:11 - 000002436 ____C C:\Users\Mr.Moon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-13 18:40 - 2021-01-18 20:19 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-13 18:38 - 2022-09-22 11:36 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-13 18:38 - 2017-01-09 17:47 - 000000000 ____D C:\Program Files (x86)\Opera
2023-02-09 17:10 - 2021-01-18 20:19 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-09 17:10 - 2021-01-18 20:19 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-09 17:10 - 2017-01-10 18:13 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-07 22:49 - 2022-09-22 11:36 - 000003044 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-07 22:49 - 2021-08-22 19:12 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Mr.Moon
2023-02-07 22:49 - 2021-01-18 20:19 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-07 22:49 - 2021-01-18 20:19 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-02-07 22:49 - 2021-01-18 20:19 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-02-07 22:49 - 2021-01-18 20:19 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-07 22:49 - 2021-01-18 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2023-02-01 19:58 - 2021-03-21 11:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-01 19:58 - 2017-01-14 14:29 - 000695504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-01-31 19:56 - 2022-10-29 18:43 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-31 19:56 - 2022-10-29 18:43 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-24 22:38 - 2019-06-23 17:17 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\BitTorrentHelper
2023-01-24 22:38 - 2017-05-05 15:25 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Roaming\uTorrent
2023-01-24 22:35 - 2022-01-24 21:39 - 000000000 ____D C:\Users\Mr.Moon\AppData\Roaming\vlc
2023-01-24 22:12 - 2020-12-24 00:06 - 000000000 ___DC C:\Users\Mr.Moon\AppData\LocalLow\uTorrent
2023-01-22 16:35 - 2016-11-16 16:26 - 000000000 ____D C:\ProgramData\HP
2023-01-22 16:35 - 2016-09-02 09:01 - 000000000 ____D C:\Program Files\HP
2023-01-22 16:30 - 2020-09-30 20:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-22 16:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-22 15:27 - 2021-03-21 14:45 - 000000000 ___DC C:\Users\Mr.Moon\Desktop\Křemže
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Roaming\Graphisoft
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ___DC C:\Users\Mr.Moon\AppData\Local\Graphisoft
2023-01-22 15:27 - 2018-04-22 10:33 - 000000000 ____D C:\Users\Mr.Moon\Graphisoft
2023-01-15 21:04 - 2021-01-18 20:08 - 000499456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-15 21:04 - 2017-03-09 12:47 - 000000000 ____D C:\Program Files\WinRAR
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-15 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-15 19:07 - 2021-01-18 20:08 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2014-07-10 07:16 - 2014-07-10 07:16 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2019-10-16 12:04 - 2019-10-16 12:04 - 000000218 _____ () C:\Users\Mr.Moon\AppData\Local\recently-used.xbel
2018-03-29 20:51 - 2018-03-29 20:51 - 000000000 ____C () C:\Users\Mr.Moon\AppData\Local\{AB9A71B7-5220-47BF-88CB-9C023A673E5D}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Popup virus

Posted: 14 Feb 2023 22:04
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {1be875f9-60b9-11ec-bc90-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {291e4d01-8079-11ec-bc97-c8d3ffceea71} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {7333d0d9-89ac-11eb-bc6d-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\windows\system32\novamn8.dll [18944 2017-08-16] (Softland) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {5D659CCA-F194-41CA-892D-E362190BD10F} - System32\Tasks\{523C9502-07C9-4D95-BD39-FBF3CA50DE96} => C:\WINDOWS\system32\pcalua.exe -a "H:\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "H:\games\Warcraft III 1.24.4"
Task: {655F6F98-F59C-4D86-B1BF-6C95AF61E88E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {658CC622-28D8-47E7-9750-FAF32B9B303E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {D41E5BC5-0000-4967-A341-323C5CBE770D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {F582EAD5-8902-4AD0-926B-1867A0DEDD26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Mr.Moon\AppData\Local\{AB9A71B7-5220-47BF-88CB-9C023A673E5D}

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the fix finishes, a log will appear; copy it here.

Re: Popup virus

Posted: 16 Feb 2023 16:06
by Mr.Moon
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
Ran by Mr.Moon (16-02-2023 15:57:34) Run:1
Running from C:\Users\Mr.Moon\Desktop
Loaded Profiles: Mr.Moon
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {1be875f9-60b9-11ec-bc90-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {291e4d01-8079-11ec-bc97-c8d3ffceea71} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-2855870008-473113554-853457262-1002\...\MountPoints2: {7333d0d9-89ac-11eb-bc6d-c8d3ffceea71} - "H:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\windows\system32\novamn8.dll [18944 2017-08-16] (Softland) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {5D659CCA-F194-41CA-892D-E362190BD10F} - System32\Tasks\{523C9502-07C9-4D95-BD39-FBF3CA50DE96} => C:\WINDOWS\system32\pcalua.exe -a "H:\games\Warcraft III 1.24.4\Frozen Throne.exe" -d "H:\games\Warcraft III 1.24.4"
Task: {655F6F98-F59C-4D86-B1BF-6C95AF61E88E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {658CC622-28D8-47E7-9750-FAF32B9B303E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {D41E5BC5-0000-4967-A341-323C5CBE770D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-01-10] (Google Inc -> Google Inc.)
Task: {F582EAD5-8902-4AD0-926B-1867A0DEDD26} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Mr.Moon\AppData\Local\{AB9A71B7-5220-47BF-88CB-9C023A673E5D}

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-2855870008-473113554-853457262-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2855870008-473113554-853457262-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1be875f9-60b9-11ec-bc90-c8d3ffceea71} => removed successfully
HKU\S-1-5-21-2855870008-473113554-853457262-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{291e4d01-8079-11ec-bc97-c8d3ffceea71} => removed successfully
HKU\S-1-5-21-2855870008-473113554-853457262-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7333d0d9-89ac-11eb-bc6d-c8d3ffceea71} => removed successfully
HKLM\System\CurrentControlSet\Control\Print\Monitors\novaPDF Port Monitor => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D1CA2BD-B029-44CE-8A37-BCFC0AE5535D}" => removed successfully
C:\WINDOWS\System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP\HP Hotkey Support\Start QLBController Process" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D659CCA-F194-41CA-892D-E362190BD10F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D659CCA-F194-41CA-892D-E362190BD10F}" => removed successfully
C:\WINDOWS\System32\Tasks\{523C9502-07C9-4D95-BD39-FBF3CA50DE96} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{523C9502-07C9-4D95-BD39-FBF3CA50DE96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{655F6F98-F59C-4D86-B1BF-6C95AF61E88E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{655F6F98-F59C-4D86-B1BF-6C95AF61E88E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{658CC622-28D8-47E7-9750-FAF32B9B303E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{658CC622-28D8-47E7-9750-FAF32B9B303E}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D41E5BC5-0000-4967-A341-323C5CBE770D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41E5BC5-0000-4967-A341-323C5CBE770D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F582EAD5-8902-4AD0-926B-1867A0DEDD26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F582EAD5-8902-4AD0-926B-1867A0DEDD26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Users\Mr.Moon\AppData\Local\{AB9A71B7-5220-47BF-88CB-9C023A673E5D} => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57091335 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 47898658 B
Windows/system/drivers => 9632690 B
Edge => 72781 B
Chrome => 2052096 B
Firefox => 0 B
Opera => 250178725 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 29436 B
NetworkService => 29436 B
Mr.Moon => 1079627899 B

RecycleBin => 102441 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:58:14 ====

Re: Popup virus

Posted: 16 Feb 2023 16:19
by Rudy
Deleted. Has anything changed?

Re: Popup virus

Posted: 19 Feb 2023 21:17
by Mr.Moon
Everything seems to be fine, thank you for what you do :thumbsup:

Re: Popup virus

Posted: 19 Feb 2023 22:00
by Rudy
You're welcome! :)