Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu a vyčištění

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
danek
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 29 zář 2014 22:07

Kontrola logu a vyčištění

#1 Příspěvek od danek »

Dobrý den, prosím o kontrolu logu a vyčištní registrů. Počítač hlásil chybu, pak vyžadoval restart.

Přikládám log FRST:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by Dan (administrator) on JILM (HP HP Pavilion x360 Convertible 14-dh0xxx) (26-03-2024 15:36:17)
Running from C:\Users\danie\Downloads\FRST64.exe
Loaded Profiles: Dan
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxEM.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(services.exe ->) (GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_e2af5870d35e2824\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6eefa7742d2487c3\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_667c6615c75bd143\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_14a5bb6045f923bf\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.2\bin\mysqld.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [423320 2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [9831832 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [10276248 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-05] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [367456 2023-11-27] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [EzTiltPenSrvc] => C:\Program Files\ELAN\EzTiltPen\EzTiltPenAgent.exe [238280 2019-04-22] (ELAN Microelectronics Corporation -> ELAN) [File not signed]
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1576464 2024-01-25] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [CiscoSpark] => C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1618 2021-07-17] () [File not signed]
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\danie\AppData\Local\WebEx\WebexHost.exe [7754168 2022-05-19] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\danie\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [814240 2022-01-13] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11504544 2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-11-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741536 2021-12-06] (HP Inc. -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\rica6Slm: C:\WINDOWS\system32\rica6Slm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.59\Installer\chrmstp.exe [2024-03-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-01-29]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2023-11-15]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {99630074-96FB-47C8-B917-DC4AF05428B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {82B9815B-AE86-46B1-AED4-FD0266CDB72A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {63D3AD59-5F8F-401A-BAFA-377E3AE549D1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5167512 2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {CFE54047-44F1-4B00-BC8F-BFA389B3559A} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1425816 2024-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {9CFC1269-4331-4D56-9A7E-557F474E585B} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4979096 2024-03-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {E43CC5BF-43F8-4DAA-8BF3-BA8F07C83F1B} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {61206386-D307-4890-BFD8-60FC33CC5E90} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4979096 2024-03-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {A5BC104A-69E2-479F-B977-D66394565874} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {6DD77523-3DB6-466D-BBD7-066FE545F706} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4920728 2024-01-26] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {B4DF6EA7-3271-45F2-842A-F171A0D658D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7498648 2024-01-23] (Avast Software s.r.o. -> Avast Software)
Task: {469A15B7-9FAF-4711-8FC0-E98228F51D45} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [812456 2024-01-31] (Avast Software s.r.o. -> AVAST Software)
Task: {4B843749-2454-4F39-B076-E7E088F6F9E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {9AE8C32D-B3C6-4845-BC58-85D097DA9E1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-04-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {75A86C2E-68EB-45FE-9BFD-888AF11BEF25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-04-04] (HP Inc. -> HP Inc.)
Task: {15838234-17F2-4AE5-8242-0684AAEB498F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [228888 2023-04-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {9A1FA14D-EA23-47D5-BC0A-BD54DFF3B6EF} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {316C40DF-6532-47DB-A2D6-B337C4FBE915} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119200 2021-12-06] (HP Inc. -> Hewlett-Packard Co.)
Task: {C1CFF0D6-3497-4DBE-9EF1-2B1C02D0C49A} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{e08f5975-1059-4836-a2ea-4e67c397a686}\HPOneAgent.exe [791744 2024-02-08] (HP Inc. -> HP Inc.)
Task: {C49D1AEA-6851-4624-AE87-95398D322FC5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EFBA627-4CA3-4248-B4DA-69DEEF6A3FD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D89F006-C1D3-424A-9E4F-DA14F956FB83} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2FDCE407-FFD8-4926-8D40-C2131EF82709} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8827DF8-E038-48AC-92DE-AB89E702680F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [170136 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {02BBAC2C-E0D4-4C23-9ED3-1D6D37B70647} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-03-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {5C54BABD-3009-4738-92F7-2DC88F1E3CDA} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-93754314-3111490570-4120607304-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-03-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {7166787D-836F-42B0-8F24-6470CD7608C1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {D5F5B8EE-7A0D-4CC8-B066-0391E217C9E7} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF5E213F-2CB6-4EF7-82D8-444C22FF46D7} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-93754314-3111490570-4120607304-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {919ECE32-6FEB-40BD-BDED-E37BAACB9776} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1141544 2020-09-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EC63A907-5539-4593-AE53-F0C050C60876} - System32\Tasks\WinZip - Deduplicator - Documents - Dan => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-05] (Corel Corporation -> WinZip Computing)
Task: {DCC90ECB-2D6B-4A04-9E3A-DFAA6C0A4A27} - System32\Tasks\WinZip - Deduplicator - Downloads - Dan => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-05] (Corel Corporation -> WinZip Computing)
Task: {67212402-BBA4-447F-8E73-16E897B500A3} - System32\Tasks\WinZip - Deduplicator - Pictures - Dan => C:\Program Files\WinZip\WzBGTToolsManager64.exe [335456 2023-10-05] (Corel Corporation -> WinZip Computing)
Task: {F8DD45A0-282D-4776-AFF8-9C680BAA8274} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-05] (Corel Corporation -> Corel Corporation)
Task: {D3358C95-0385-4819-9560-1F219AF03465} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-05] (Corel Corporation -> Corel Corporation)
Task: {9EF72F4A-1D97-484F-B523-D4C76CAE5AB4} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3177544 2023-10-05] (Corel Corporation -> Corel Corporation)
Task: {3F8F3091-B223-4C4C-9A5C-5305012FEB55} - System32\Tasks\WinZip Updater - Dan => C:\Program Files\WinZip\WzUpdater.exe [446560 2023-10-05] (Corel Corporation -> )
Task: {1B87C309-4202-47DD-94FF-B5CF2541A8C1} - System32\Tasks\Zoner.Updater.S-1-5-21-93754314-3111490570-4120607304-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\updater.exe [1615168 2024-01-03] (ZONER a.s. -> ZONER a.s.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineCore.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe
Task: C:\WINDOWS\Tasks\SentryBayUpdateTaskMachineUA.job => C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{082f372d-431e-48b2-b9bd-127e8bf4a128}: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{1f41dc66-e77d-42c0-afd3-917fd95ff16a}: [NameServer] 100.124.154.1
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\051627B6: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\052796671647020333: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\2516B6F66796E616: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\2516B6F66796E616: [DhcpDomain] .home
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\84D23547162747570737: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\84D27457563747: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{319facf1-c9ca-44a0-b2f9-b15813f65d0a}\D42454D27457563747: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{41766173-7453-6f66-7477-617265415357}: [NameServer] 100.126.0.1
Tcpip\..\Interfaces\{c6c67d0a-14ee-46f0-a5bd-6c2dbc95ae39}: [DhcpNameServer] 172.168.0.5

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-29]
Edge Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
Edge Extension: (Edge relevant text changes) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]
Edge Profile: C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-03-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-09]
Edge Extension: (Edge relevant text changes) - C:\Users\danie\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: gorjaooa.default
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\gorjaooa.default [2023-09-25]
FF Homepage: Mozilla\Firefox\Profiles\gorjaooa.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\gorjaooa.default -> about:newtab
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\gorjaooa.default\Extensions\sp@avast.com.xpi [2019-10-02]
FF ProfilePath: C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\8pzs0hk1.default-release-1682693655055 [2024-03-26]
FF Notifications: Mozilla\Firefox\Profiles\8pzs0hk1.default-release-1682693655055 -> hxxps://meet.google.com; hxxps://www.cleverandsmart.cz; hxxps://www.instagram.com; hxxps://www.eurosport.com
FF Extension: (No Name) - C:\Users\danie\AppData\Roaming\Mozilla\Firefox\Profiles\8pzs0hk1.default-release-1682693655055\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-03-11]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.sentrybay.com/SentryBay Update;version=8 -> C:\Program Files (x86)\SentryBay\Update\1.0.0.13544\npSentryBayOneClick8.dll [2021-02-09] (SentryBay Limited -> SentryBay)
FF Plugin ProgramFiles/Appdata: C:\Users\danie\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-12-17]
StartMenuInternet: Firefox-CEDE86F0486F9A4E - C:\Program Files (x86)\SentryBay\ArmoredClient.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2024-03-24]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-09]
CHR Extension: (Avast AntiTrack Premium) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold [2023-12-19]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-14]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-14]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-14]
CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-14]
CHR HKU\S-1-5-21-93754314-3111490570-4120607304-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2023-10-02] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9138072 2024-03-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [765848 2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2243480 2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1180568 2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [6013848 2024-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18727320 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-11] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [16925592 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
S4 epinjectsvc; C:\Program Files (x86)\SentryBay\EntryProtect\inject.exe [498216 2019-07-22] (SentryBay Limited -> SentryBay)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncHelper.exe [3516960 2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1576464 2024-01-25] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\AppHelperCap.exe [895016 2024-02-03] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\DiagsCap.exe [893888 2024-02-03] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\NetworkCap.exe [890408 2024-02-03] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-10] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_18c14e57f0966c7f\x64\SysInfoCap.exe [893992 2024-02-03] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_fe3afc9d28b2c978\x64\TouchpointAnalyticsClientService.exe [493296 2023-11-20] (HP Inc. -> HP Inc.)
R2 MySQL82; C:\Program Files\MySQL\MySQL Server 8.2\bin\mysqld.exe [54819400 2023-10-12] (Oracle America, Inc. -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.045.0303.0003\OneDriveUpdaterService.exe [3856288 2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
S4 sbupdate; C:\Program Files (x86)\SentryBay\Update\SentryBayUpdate.exe [149512 2021-02-09] (SentryBay Limited -> SentryBay)
S4 SECUREACCESSSYSTEM; C:\Program Files (x86)\SentryBay\Armored Client\service.exe [5601200 2020-06-16] (SentryBay Limited -> SentryBay)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [11913112 2024-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [230968 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [379960 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [292920 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27760 2024-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28728 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [264760 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548920 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [93752 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [935480 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [694728 2024-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201680 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-09-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [306120 2024-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [78632 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [40832 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [174480 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R2 entryprotectdrv; C:\Program Files (x86)\SentryBay\EntryProtect\entryprotect.sys [61480 2019-07-22] (SentryBay Limited -> SentryBay)
R1 epinject6; C:\Program Files (x86)\SentryBay\EntryProtect\epinject.sys [154664 2019-07-22] (SentryBay Limited -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [124952 2022-10-12] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
R3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1049936 2022-02-25] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-26 15:26 - 2024-03-26 15:26 - 000000165 ____H C:\Users\danie\Downloads\~$20KV06_MARCIKOVA_Ujezd_u_Pruhonic_240321_realizace_vyúčto_březen2024_odesláno(1).xlsx
2024-03-26 15:25 - 2024-03-26 15:25 - 000220890 _____ C:\Users\danie\Downloads\20KV06_MARCIKOVA_Ujezd_u_Pruhonic_240321_realizace_vyúčto_březen2024_odesláno(1).xlsx
2024-03-26 13:07 - 2024-03-26 13:07 - 003160396 _____ C:\WINDOWS\Minidump\032624-15140-01.dmp
2024-03-26 11:50 - 2024-03-26 11:53 - 000062887 _____ C:\Users\danie\Downloads\Addition.txt
2024-03-26 11:49 - 2024-03-26 15:37 - 000044764 _____ C:\Users\danie\Downloads\FRST.txt
2024-03-26 11:49 - 2024-03-26 11:48 - 000314264 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-03-26 11:48 - 2024-03-26 11:48 - 002391552 _____ (Farbar) C:\Users\danie\Downloads\FRST64.exe
2024-03-26 11:47 - 2024-03-26 11:47 - 003832716 _____ C:\WINDOWS\Minidump\032624-28781-01.dmp
2024-03-24 19:34 - 2024-03-24 19:34 - 000122789 _____ C:\Users\danie\Downloads\20KV06_MARCIKOVA_Ujezd_u_Pruhonic_231026(3).xlsx
2024-03-24 19:33 - 2024-03-24 19:33 - 000122789 _____ C:\Users\danie\Downloads\20KV06_MARCIKOVA_Ujezd_u_Pruhonic_231026(2).xlsx
2024-03-24 17:51 - 2024-03-24 17:51 - 000220890 _____ C:\Users\danie\Downloads\20KV06_MARCIKOVA_Ujezd_u_Pruhonic_240321_realizace_vyúčto_březen2024_odesláno.xlsx
2024-03-24 14:39 - 2024-03-24 14:39 - 000000000 _____ C:\Users\danie\Downloads\wjcTmysY.htm
2024-03-22 18:37 - 2024-03-26 11:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-18 23:02 - 2024-03-18 23:10 - 000000000 ____D C:\Users\danie\Desktop\Nová složka (2)
2024-03-17 15:33 - 2024-03-16 17:37 - 000027278 _____ C:\Users\danie\Desktop\Sešit1.xlsx
2024-03-16 17:33 - 2024-03-18 23:11 - 000000000 ____D C:\Users\danie\Desktop\Nová složka
2024-03-14 22:16 - 2024-03-14 22:16 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-14 22:16 - 2024-03-14 22:16 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-14 22:06 - 2024-03-14 22:06 - 000000000 ___HD C:\$WinREAgent
2024-03-14 21:59 - 2024-03-14 21:59 - 003386780 _____ C:\WINDOWS\Minidump\031424-13953-01.dmp
2024-03-14 21:57 - 2024-03-14 21:57 - 000006883 _____ C:\Users\danie\Downloads\Výplatní_lístek_02-2024.pdf
2024-03-09 11:49 - 2024-03-09 11:49 - 000059712 _____ C:\Users\danie\Downloads\NetflixViewingHistory(1).csv
2024-03-09 11:48 - 2024-03-09 11:48 - 000059712 _____ C:\Users\danie\Downloads\NetflixViewingHistory.csv
2024-03-09 11:10 - 2024-03-09 11:10 - 000000000 _____ C:\Users\danie\Downloads\clukmL8W.htm
2024-03-09 09:44 - 2024-03-09 09:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-09 09:43 - 2024-03-22 18:37 - 000000980 _____ C:\WINDOWS\system32\x509Req.pem
2024-03-08 18:12 - 2024-03-08 18:13 - 000028779 _____ C:\Users\danie\Downloads\Potvrzení_rezervace _Den_v_největších_evropských_lázních_Bad_Füssing_St_8._5._2024.eml

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-26 15:36 - 2021-02-09 10:05 - 000000000 ____D C:\FRST
2024-03-26 15:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-26 15:26 - 2019-09-23 20:28 - 000000000 ____D C:\Users\danie\AppData\Local\Packages
2024-03-26 15:25 - 2019-10-09 21:42 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Excel
2024-03-26 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-26 15:02 - 2023-12-27 23:39 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-26 15:02 - 2023-12-16 14:47 - 000000000 ___RD C:\Users\danie\iCloudDrive
2024-03-26 15:02 - 2022-02-11 08:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-26 15:01 - 2023-09-26 09:37 - 000000000 ____D C:\Users\danie\AppData\Local\AvastAntiTrackPremium
2024-03-26 15:00 - 2020-09-14 12:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-26 15:00 - 2020-09-14 12:08 - 000000000 ____D C:\Users\danie
2024-03-26 13:18 - 2021-12-15 23:33 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-26 13:18 - 2019-10-02 18:13 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-26 13:13 - 2020-09-14 12:08 - 000000000 ____D C:\Users\defaultuser100000
2024-03-26 13:11 - 2020-09-14 12:27 - 001884940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-26 13:11 - 2019-12-07 15:41 - 000782458 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-26 13:11 - 2019-12-07 15:41 - 000178392 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-26 13:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-26 13:07 - 2023-09-26 02:13 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2024-03-26 13:07 - 2021-01-28 15:28 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-26 13:07 - 2020-09-14 12:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-26 13:07 - 2020-09-14 12:19 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-26 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-26 13:07 - 2019-08-08 23:05 - 000000000 ____D C:\Intel
2024-03-26 13:00 - 2024-02-05 11:45 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-93754314-3111490570-4120607304-1001
2024-03-26 13:00 - 2024-01-28 18:25 - 000002890 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2024-03-26 13:00 - 2024-01-10 15:16 - 000002926 _____ C:\WINDOWS\system32\Tasks\WinZip - Deduplicator - Downloads - Dan
2024-03-26 13:00 - 2024-01-10 15:16 - 000002926 _____ C:\WINDOWS\system32\Tasks\WinZip - Deduplicator - Documents - Dan
2024-03-26 13:00 - 2024-01-10 15:16 - 000002924 _____ C:\WINDOWS\system32\Tasks\WinZip - Deduplicator - Pictures - Dan
2024-03-26 13:00 - 2023-11-15 09:23 - 000002882 _____ C:\WINDOWS\system32\Tasks\WinZip Updater - Dan
2024-03-26 13:00 - 2023-11-15 09:23 - 000002668 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2024-03-26 13:00 - 2023-11-15 09:23 - 000002666 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2024-03-26 13:00 - 2023-11-15 09:23 - 000002666 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2024-03-26 13:00 - 2023-04-20 13:43 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-26 13:00 - 2022-08-05 16:57 - 000002698 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series
2024-03-26 13:00 - 2021-09-22 21:56 - 000003158 _____ C:\WINDOWS\system32\Tasks\Zoner.Updater.S-1-5-21-93754314-3111490570-4120607304-1001
2024-03-26 13:00 - 2020-09-14 12:26 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 13:00 - 2020-09-14 12:26 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-26 13:00 - 2020-09-14 12:26 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 13:00 - 2020-09-14 12:26 - 000002314 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2024-03-26 12:57 - 2020-09-14 12:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-03-26 11:50 - 2023-06-13 20:22 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-26 11:49 - 2020-10-15 19:02 - 000264760 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-03-26 11:49 - 2020-09-14 12:26 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2024-03-26 11:49 - 2020-04-03 15:11 - 000548920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000306120 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-03-26 11:49 - 2020-04-03 15:11 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-03-26 11:49 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-26 11:48 - 2020-04-03 15:11 - 000935480 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-03-26 11:48 - 2020-04-03 15:11 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-03-26 11:48 - 2020-04-03 15:11 - 000230968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-03-26 11:46 - 2024-02-06 14:50 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-26 11:46 - 2022-09-09 09:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-25 11:32 - 2023-06-13 20:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-24 23:49 - 2019-09-30 21:33 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\Word
2024-03-24 12:56 - 2020-01-04 15:00 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-22 01:55 - 2022-11-12 08:41 - 000000000 ____D C:\Program Files\RUXIM
2024-03-20 21:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-20 20:25 - 2023-10-06 11:21 - 000000000 ____D C:\Users\danie\AppData\Local\CrashDumps
2024-03-18 20:21 - 2024-02-09 14:20 - 000000000 ____D C:\ProgramData\SecTaskMan
2024-03-18 20:21 - 2020-09-30 23:21 - 000000000 ____D C:\Users\danie\AppData\Roaming\Microsoft\HTML Help
2024-03-17 22:32 - 2021-04-05 14:33 - 000000000 ____D C:\Users\danie\AppData\Roaming\vlc
2024-03-17 22:27 - 2023-12-05 20:57 - 000000000 ____D C:\Users\danie\AppData\Local\Apple Inc
2024-03-16 10:19 - 2020-06-03 06:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 20:56 - 2019-05-14 00:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-15 20:43 - 2019-09-30 21:37 - 000000000 ____D C:\ProgramData\AVAST Software
2024-03-15 20:43 - 2019-08-08 22:57 - 000000000 ____D C:\ProgramData\Realtek
2024-03-14 23:39 - 2019-12-07 10:03 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2024-03-14 23:38 - 2024-02-05 11:43 - 000551384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-14 23:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-14 23:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-14 22:49 - 2020-03-20 17:55 - 000000000 ____D C:\Users\danie\AppData\Local\D3DSCache
2024-03-14 22:24 - 2023-04-27 16:16 - 000000000 ____D C:\Users\danie\AppData\Roaming\com.adobe.dunamis
2024-03-14 22:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-14 22:16 - 2020-09-14 12:21 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-14 22:06 - 2019-09-26 23:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-14 22:03 - 2019-09-26 23:43 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 23:45 - 2023-11-29 14:34 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-03-13 23:45 - 2023-09-01 13:14 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-13 23:45 - 2023-09-01 13:14 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-10 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-10 14:58 - 2023-06-15 23:12 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-10 14:56 - 2020-09-14 12:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-09 09:43 - 2019-12-17 13:19 - 000000000 ____D C:\Users\danie\AppData\Local\HP
2024-03-09 09:40 - 2020-04-03 15:11 - 000694728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-03-08 18:07 - 2021-09-22 21:56 - 000000000 ____D C:\ProgramData\Zoner

==================== Files in the root of some directories ========

2020-01-03 00:19 - 2020-01-03 00:19 - 000002151 _____ () C:\Program Files\GOM Player.lnk
2021-01-24 12:05 - 2021-01-24 12:05 - 000370070 _____ () C:\Users\danie\AppData\Roaming\logo_empire_desktop.ico
2020-04-30 11:58 - 2020-04-30 11:58 - 000006908 _____ () C:\Users\danie\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



A z Addition.txt:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Dan (26-03-2024 15:37:26)
Running from C:\Users\danie\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2020-09-14 11:26:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-93754314-3111490570-4120607304-500 - Administrator - Disabled)
Dan (S-1-5-21-93754314-3111490570-4120607304-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-93754314-3111490570-4120607304-503 - Limited - Disabled)
Guest (S-1-5-21-93754314-3111490570-4120607304-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-93754314-3111490570-4120607304-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.001.20604 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Anaconda3 2023.09-0 (Python 3.11.5 64-bit) (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\Anaconda3 2023.09-0 (Python 3.11.5 64-bit)) (Version: 2023.09-0 - Anaconda, Inc.)
Apple Mobile Device Support (HKLM\...\{95040521-FCB6-4D6B-A44D-089DBACD5494}) (Version: 17.0.0.24 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Armored Client (HKLM-x32\...\{12F2FF45-4DA6-11DF-BFFB-3516A1BE09AA}) (Version: 6.3.4.11189 - SentryBay)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.4.1477.2066 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 23.4.15807.16040 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 23.4.4881.16862 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.2.6105 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.29.9498.11096 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\ActiveTouchMeetingClient) (Version: 42.5.3 - Cisco Webex LLC)
Citrix Authentication Manager (HKLM-x32\...\{5EE2BE4A-7CA6-4D05-96C9-72F0DB5B6135}) (Version: 19.12.0.16 - Citrix Systems, Inc.) Hidden
Citrix Screen Casting for Windows (HKLM-x32\...\{AD72F1CD-E4D5-4B34-ADF6-43062ABB2F2B}) (Version: 19.11.100.46 - Citrix Systems, Inc) Hidden
Citrix Web Helper (HKLM-x32\...\{0ECC35D1-D66E-44F5-96AD-F5F9AE7D2153}) (Version: 19.12.0.51 - Citrix Systems, Inc.) Hidden
Citrix Workspace 1912 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 19.12.0.119 - Citrix Systems, Inc.)
Citrix Workspace Inside (HKLM-x32\...\{82926F96-934B-4B81-9CF4-0D97642AF74F}) (Version: 19.12.0.65534 - Citrix Systems, Inc.) Hidden
Citrix Workspace(Aero) (HKLM-x32\...\{03F6DEF8-B74D-4268-A233-382BF7E5A6CD}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
Citrix Workspace(DV) (HKLM-x32\...\{EBD1B68E-9240-4C68-A17D-97A911440781}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
Citrix Workspace(SSON) (HKLM-x32\...\{2129D6F4-BE2C-4C2C-B64E-0CE92F4BBD58}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
Citrix Workspace(USB) (HKLM-x32\...\{666870E5-41C4-4A13-B3D8-860644918AAC}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EzTiltPen (HKLM\...\{359DAC8D-CE33-4729-84E9-22D3367A44A9}_is1) (Version: 1.0.0.25 - ELAN microelectronics Crop.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.59 - Google LLC)
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
GPS Track Editor (HKLM-x32\...\GpsTrackEditor) (Version: 1.15 (build 141) - MapSphere)
HP Deskjet 3050 J610 series Nápověda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP One Agent (HKLM\...\{D64C4C4A-B642-423D-A918-C185BFDFC6F4}) (Version: 1.1.0.45421 - HP Inc.) Hidden
HP One Agent (HKLM-x32\...\{e08f5975-1059-4836-a2ea-4e67c397a686}) (Version: 1.1.0.45421 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iCloud Outlook (HKLM\...\{2B18FDBD-1C9F-485B-ADB3-9957F9020D9C}) (Version: 14.2.0.122 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{D4DC16D3-5547-4A3B-A9EB-FF9B4C2EA4A1}) (Version: 10.1.17969.8134 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{7715518B-08D0-4754-BB81-FE4FC61DFDF7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4C230277-5515-4B51-B9E6-97880684B10C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{3d2240de-3c21-4e14-84b3-1c6cd02bfab4}) (Version: 10.1.17969.8134 - Intel(R) Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
iTunes (HKLM\...\{045CC211-B431-4FE7-9AD0-276EADC3A22B}) (Version: 12.13.1.3 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2019 - fr-fr (HKLM\...\ProPlus2019Retail - fr-fr) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.045.0303.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\f9a89bd2a46a7606) (Version: 17.0.4058.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 124.0.1 (x64 cs)) (Version: 124.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 114.0.1 - Mozilla)
MySQL Server 8.2 (HKLM\...\{033DCBD9-CA0B-4C02-A8BB-B4DBFD3E0777}) (Version: 8.2.0 - Oracle Corporation)
MySQL Workbench 8.0 CE (HKLM\...\{F7FFB7C8-1738-4FE0-A80B-61E5ED01B033}) (Version: 8.0.34 - Oracle Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{B955EF60-1259-47BF-9B24-DFC73F71C0EA}) (Version: 19.12.0.119 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PyCharm Community Edition 2023.3.2 (HKLM-x32\...\PyCharm Community Edition 2023.3.2) (Version: 233.13135.95 - JetBrains s.r.o.)
Python 3.12.1 (64-bit) (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation)
Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
Self-service Plug-in (HKLM-x32\...\{EAD247BC-48BB-42E7-979A-00D984C80898}) (Version: 19.12.0.51 - Citrix Systems, Inc.) Hidden
SentryBay Update Helper (HKLM-x32\...\{BA38CDB0-B61C-4490-9A9C-92241C05FA33}) (Version: 1.0.0.13544 - SentryBay) Hidden
Skype verze 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
Studie vylepšování produktu HP Deskjet 3050 J610 series (HKLM\...\{99F30737-F6F1-4DA5-B1D7-BE7D42E92BD1}) (Version: 28.1.1328.0 - Hewlett-Packard Co.)
Tableau Public 2023.3 (20233.23.1017.0948) (HKLM\...\{43C56656-41F7-4C45-8B51-17C97582CC03}) (Version: 23.3.345 - Tableau Software, LLC) Hidden
Tableau Public 2023.3 (20233.23.1017.0948) (HKLM-x32\...\{c9b7d9a7-5bed-474d-8962-5a12fc879ed9}) (Version: 23.3.345 - Tableau Software, LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Verbatim Hard Drive Info 1.04 (HKLM-x32\...\Verbatim Hard Drive Info_is1) (Version: - Verbatim)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Webex (HKLM\...\{95987FB7-2B32-50CB-9BEF-5174ADD8049E}) (Version: 41.3.0.18143 - Cisco Systems, Inc)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
WinZip 28.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24151}) (Version: 28.0.15640 - Corel Corporation)
Základní software zařízení HP Deskjet 3050 J610 series (HKLM\...\{EF0B3791-69B3-4A28-8BA8-2027B75F36D5}) (Version: 28.1.1328.0 - Hewlett-Packard Co.)
Zoner Photo Studio X CS (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\ZPS X) (Version: 19.2109.2.356 - ZONER software)
Zoom (HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\ZoomUMX) (Version: 5.17.0 (28375) - Zoom Video Communications, Inc.)

Packages:
=========

Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-11-29] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-03-13] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-13] ()
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.15.226.0_x64__v10z8vjag6ke6 [2022-07-27] (HP Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.3.176.0_x64__dt26b99r8h8gj [2021-01-28] (Realtek Semiconductor Corp)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2019-08-08] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2023-03-22] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.5.0.0_x64__v10z8vjag6ke6 [2024-02-29] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-08-21] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-10] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.29.24.0_x64__v10z8vjag6ke6 [2023-10-10] ()
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.33.28.0_x64__v10z8vjag6ke6 [2024-02-07] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.4.11.0_x64__v10z8vjag6ke6 [2024-02-09] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa [2024-02-14] (Apple Inc.) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-02-08] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-03-10] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Office Outlook Desktop Integration -> C:\Program Files\WindowsApps\Microsoft.OutlookDesktopIntegrationServices_16009.11426.10000.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.5.4.0_x64__echhpq9pdbte8 [2024-01-09] (Jackie Liu)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5390.0_x64__8j3eq9eme6ctt [2024-03-13] (INTEL CORP) [Startup Task]
Power BI Desktop -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIDesktop_2.126.1261.0_x64__8wekyb3d8bbwe [2024-03-08] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-21] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2023-05-28] (Random Salad Games LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{0E0CF271-DF6E-4525-9F69-864617BC7570} -> [Fotky na iCloudu] => C:\Users\danie\Pictures\iCloud Photos\Photos [2023-12-16 14:47]
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\danie\AppData\Local\WebEx\WebEx64\Meetings_slow\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{547FA7EF-3CE2-455C-882F-6B989EB3D515} -> [iCloud Drive] => C:\Users\danie\iCloudDrive [2023-12-16 14:47]
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-93754314-3111490570-4120607304-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\danie\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2023-10-05] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2023-10-05] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncShell64.dll [2024-03-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-03-26] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2023-10-05] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\danie\anaconda3\Scripts\activate.bat C:\Users\danie\anaconda3
ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\danie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze
2024-03-12 00:55 - 2024-03-12 00:55 - 000177152 _____ () [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOfficeAddin.CZE
2023-08-21 15:11 - 2023-08-21 15:11 - 000495616 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.2\bin\jemalloc.dll
2023-10-12 15:06 - 2023-10-12 15:06 - 000058880 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.2\lib\plugin\component_reference_cache.dll
2023-10-12 15:04 - 2023-10-12 15:04 - 000598528 _____ (Google Inc.) [File not signed] C:\Program Files\MySQL\MySQL Server 8.2\bin\libprotobuf-lite.dll
2024-01-20 19:40 - 2024-01-20 19:40 - 000431616 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\93f179886a7c319c0772a53ad7e3d3be\LauncherSDK.ni.dll
2024-01-20 19:40 - 2024-01-20 19:40 - 000037888 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\c9e7ad9a2c7a310f060de316249a8ba5\Logging.ni.dll
2024-02-15 16:54 - 2024-02-15 16:54 - 000152576 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\d494e7daabfd7da42f86b4e61d1b4add\RpcClient.ni.dll
2024-02-15 16:55 - 2024-02-15 16:55 - 000118272 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WMISDK\de6fad3842c20eabbb8d5e7b303683bc\WMISDK.ni.dll
2020-04-20 23:04 - 2020-04-20 23:04 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2020-04-20 23:04 - 2020-04-20 23:04 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2024-02-15 16:54 - 2024-02-15 16:54 - 003863040 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d0f5182c4b30cfd01a41605a18361e11\Newtonsoft.Json.ni.dll
2021-06-08 04:12 - 2021-06-08 04:12 - 000180224 _____ (Software Security System) [File not signed] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll
2023-09-22 15:04 - 2023-09-22 15:04 - 005153280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.2\bin\libcrypto-3-x64.dll
2023-09-22 15:04 - 2023-09-22 15:04 - 000778240 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.2\bin\libssl-3-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> {034AB8C8-A73D-4D8B-AA21-D72EAB185BF9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-04-04] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-04-04] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\sharepoint.com -> hxxps://zsmilicov-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2023-09-25 22:47 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2023-10-24 08:45 - 2023-11-26 23:27 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.1 Jilm.mshome.net # 2028 10 0 22 7 48 58 524

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danie\Desktop\Pico Ruivo.jpg
DNS Servers: 192.168.11.254 - 79.98.72.27
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run: => "EzTiltPenSrvc"
HKLM\...\StartupApproved\Run: => "RtlS5Wake"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip FAH"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "HPOneAgentService"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_E0359248083FDB44B7852C7D3585D0D2"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-93754314-3111490570-4120607304-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F8994AD-4273-4D2B-BC29-DDE97070F36C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{1D88F7A8-F47B-4FBC-959F-5A6C6AD6256C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{7252D2A9-C491-4EAB-ACD5-0EFDF11DB803}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{9AD5D310-18E4-45F6-8826-733EA907C78C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{60E38CF1-3BB9-474B-9E1E-6115CE07547A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{366BB2ED-FBE1-4502-9781-0EA01CD9D400}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31E4DAD4-A10A-4626-B101-844138661586}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{C8FEBE3C-B913-4F52-AA59-D85A778F4C2C}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{2DEEEA67-5665-4579-BAB5-116A05DD181F}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{53AAC872-B028-4154-BEDD-DFE4991F5565}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7296F038-63B6-40EE-85D8-14392A9560AA}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F56D23FC-F894-4CF5-9E2F-7B79FCD853C1}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{62E350F2-F7CE-4BA0-8B7B-02E1D133755E}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{596BBBAD-D9F3-4F8D-B18B-F95F632EB228}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B0379FA9-15FE-4F92-97CD-C6BB3241FF77}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{A067C57B-0D74-4735-9D92-4C96B536605E}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{5A69AC61-DD5A-4E9A-A3A3-AEDD141360D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E41ED0CE-69A3-47B6-8503-BFBACF12A91A}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9316DFC3-BF2F-4D66-8D49-5E61608F5D92}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FF4F798-090E-4983-89CA-6B3E4964A8D0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D4F3B2B6-367C-48E0-BD28-035A3A2A6E6E}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{715B40F3-4CE3-4045-A116-9303BFFD2A0F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{69CC208C-B028-4908-B544-19CB44C1091B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{485535DF-A63A-42DD-9800-0080C62F6D4B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98707110-F7E8-4E12-9FF3-08E094B8A707}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0E87537-8563-4856-8495-01BA5581D7BD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6F89709-409D-45F4-8834-F082DC01384E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E70244A9-7082-4733-8A85-B50F2E4BD46F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DF0A17CF-7683-441A-BA9A-E3902F8D2F0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB116FC2-4698-4000-BECF-5E664F7C514F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD3D2B28-33B2-4944-B497-CA542FD595A5}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7377ADB-2BC3-4E88-ABA9-B57B5C24C744}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9DCDBDCD-C4F7-448F-B2E7-9B8312B897E4}] => (Allow) C:\Users\danie\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{68F59B78-9400-4073-B582-13A84FB27BE5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{493B67BE-A8A4-4611-825F-E7AA5F1B41AA}] => (Allow) LPort=3306
FirewallRules: [{2084531F-BD09-49D7-93E6-31B41C6C5F5D}] => (Allow) LPort=33060
FirewallRules: [{903E389B-133D-4D83-9037-741D56BFA385}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A9592D1-7C4D-433B-AB69-F4D1628D646A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{334AF163-582B-461C-8E5B-B2660CDABBCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8543BB2-8BEE-4A27-8013-D6238F6CCE34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB91C6AF-C6C5-4162-A46A-AA389C14455D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{203BD9C5-C67E-4C28-8247-8B800656EB4C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/26/2024 03:05:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hp-plugin-executor.exe, verze: 4.1.44926.0, časové razítko: 0x65a95184
Název chybujícího modulu: hp-telemetry-hw-info-collector.dll, verze: 3.0.45332.0, časové razítko: 0x65b1a5d7
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000083e5
ID chybujícího procesu: 0xb6c
Čas spuštění chybující aplikace: 0x01da7f86969230bb
Cesta k chybující aplikaci: C:\Program Files\HP\HP One Agent\hp-plugin-executor.exe
Cesta k chybujícímu modulu: C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-hw-info-collector_ver_3.0.4533244\hp-telemetry-hw-info-collector.dll
ID zprávy: cb687743-7da8-4898-9ef4-2394369bdaf9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2024 03:02:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/26/2024 03:00:53 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, identifikátor PID: 3672, identifikátor PID ProfSvc: 2120.

Error: (03/26/2024 01:27:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiTrackSvc.exe, verze: 2.0.0.208, časové razítko: 0x65a9f939
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x6763d3a2
Kód výjimky: 0xc0000409
Posun chyby: 0x0009eddb
ID chybujícího procesu: 0x2a30
Čas spuštění chybující aplikace: 0x01da7f779afe4500
Cesta k chybující aplikaci: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: e05b13fa-586c-4eb0-b05a-066f0e7e7e1e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2024 01:17:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AntiTrackSvc.exe, verze: 2.0.0.208, časové razítko: 0x65a9f939
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x6763d3a2
Kód výjimky: 0xc0000409
Posun chyby: 0x0009eddb
ID chybujícího procesu: 0x18e0
Čas spuštění chybující aplikace: 0x01da7f762ed2dfd4
Cesta k chybující aplikaci: C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: fe6e2f48-67cf-4e57-93da-a57b43e5c109
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2024 11:48:52 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/25/2024 04:42:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hp-plugin-executor.exe, verze: 4.1.44926.0, časové razítko: 0x65a95184
Název chybujícího modulu: hp-telemetry-hw-info-collector.dll, verze: 3.0.45332.0, časové razítko: 0x65b1a5d7
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000083e5
ID chybujícího procesu: 0x87ec
Čas spuštění chybující aplikace: 0x01da7ecb09443fad
Cesta k chybující aplikaci: C:\Program Files\HP\HP One Agent\hp-plugin-executor.exe
Cesta k chybujícímu modulu: C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-hw-info-collector_ver_3.0.4533244\hp-telemetry-hw-info-collector.dll
ID zprávy: 9ddd7c75-0b89-4b4c-a796-ec6eb1c334cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/25/2024 02:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hp-plugin-executor.exe, verze: 4.1.44926.0, časové razítko: 0x65a95184
Název chybujícího modulu: hp-telemetry-hw-info-collector.dll, verze: 3.0.45332.0, časové razítko: 0x65b1a5d7
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000083e5
ID chybujícího procesu: 0x21e8
Čas spuštění chybující aplikace: 0x01da7eba5ae9c1dd
Cesta k chybující aplikaci: C:\Program Files\HP\HP One Agent\hp-plugin-executor.exe
Cesta k chybujícímu modulu: C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-hw-info-collector_ver_3.0.4533244\hp-telemetry-hw-info-collector.dll
ID zprávy: f8ca1e71-8ab8-4149-be47-75b4483a8b5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/26/2024 03:00:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast AntiTrack Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/26/2024 01:17:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast AntiTrack Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/26/2024 01:07:30 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000d1 (0x0000000000000008, 0x0000000000000002, 0x0000000000000000, 0xfffff80246e4d4b8). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: bed03b6b-ad54-4856-9253-177eb3acbfde

Error: (03/26/2024 01:07:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:54:33, ‎26.‎03.‎2024) bylo neočekávané.

Error: (03/26/2024 12:52:41 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (03/26/2024 12:52:41 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec %2. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (03/26/2024 11:53:26 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{082F372D-431E-48B2-B9BD-127E8BF4A128}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/26/2024 11:53:26 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{082F372D-431E-48B2-B9BD-127E8BF4A128}, protože jiný počítač v síti má stejný název. Server nelze spustit.


Windows Defender:
================Event[0]:

Date: 2023-05-13 03:41:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.389.1084.0
Předchozí verze bezpečnostních informací: 1.387.857.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2023-05-13 03:41:45
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.389.1084.0
Předchozí verze bezpečnostních informací: 1.387.857.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2023-05-13 03:41:45
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.20200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.

Date: 2023-03-21 08:20:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.57.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-03-21 08:20:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.57.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2024-03-26 15:36:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.07 07/03/2019
Motherboard: HP 85C4
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 85%
Total physical RAM: 8013.43 MB
Available physical RAM: 1135.44 MB
Total Virtual: 16026.85 MB
Available Virtual: 6745.98 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.26 GB) (Free:19.35 GB) (Model: SK hynix BC501 HFM256GDJTNG-8310A) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:0.01 GB) (Model: WDC WD10SPZX-60Z10T0) NTFS

\\?\Volume{4b7122c4-c8dd-474c-86b0-9c89f4ce261b}\ () (Fixed) (Total:0.94 GB) (Free:0.08 GB) NTFS
\\?\Volume{73ee637a-f6bf-4282-8ec2-3d4bb3c69d1d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0C9B4EB9)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu a vyčištění

#2 Příspěvek od Rudy »

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:
Start
CloseProcesses:
C:\Program Files\Bonjour
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End
Uložte do C:\Users\danie\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. FRST není specializovaný program na čištění registry. Nejlépe vám je vyčistí CCleaner: https://www.ccleaner.com/cs-cz. Stáhněte, nainstalujte, spusťte další jeho ovládání je intuitivní. Nastavovat ho není třeba, stačí default.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
danek
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 29 zář 2014 22:07

Re: Kontrola logu a vyčištění

#3 Příspěvek od danek »

Dobrý den,

přikládám log fixlist.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Dan (26-03-2024 18:00:12) Run:10
Running from C:\Users\danie\Downloads
Loaded Profiles: Dan
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
C:\Program Files\Bonjour
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.

"C:\Program Files\Bonjour" Folder move:

C:\Program Files\Bonjour => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30618795 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 80476615 B
Edge => 0 B
Chrome => 94946109 B
Firefox => 1072834519 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 61698 B
NetworkService => 61698 B
danie => 152508282 B
defaultuser100000 => 152508282 B
SAS => 152508282 B
SAS.JAVOR => 152508282 B
SAS.JILM => 152508282 B

RecycleBin => 8049873560 B
EmptyTemp: => 9.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-03-2024 18:12:16)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:12:16 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu a vyčištění

#4 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
danek
Návštěvník
Návštěvník
Příspěvky: 250
Registrován: 29 zář 2014 22:07

Re: Kontrola logu a vyčištění

#5 Příspěvek od danek »

Díky !
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu a vyčištění

#6 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“