I deleted some suspicious applications that I had, and as a check I would like to know whether everything is OK now. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by j_raj (administrator) on LAPTOP-O4MKONJ4 (Acer Swift SF314-54G) (30-06-2019 09:18:21)
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\j_raj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-04-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18570424 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1537312 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-29] (Google LLC -> Google LLC)
InternetURL: C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BznMMQqmAG.url ->
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {13E4CBEE-84ED-4E55-A88D-1C57891ECB2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C7E105-8788-4C90-BACA-0A1BBEF760AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1993A166-6C5B-4039-B3C2-7A2D8F754B41} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D14B2B8-077C-4BB4-AEBE-22F4C9295000} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [393728 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {21F0256A-4E92-4CD8-A187-6D393557CE09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23132A80-F4A7-4678-A28A-CDFAEF92BEA6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {233C1E93-F1E4-444A-AB62-4069F9182E10} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3149E6C0-2473-417E-8C31-6BD934A2D385} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87120 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F7E40FF-CCC1-40D1-B6CC-5E63C67A3318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)
Task: {6428BADA-B0B3-445A-B0CA-B9DBD875739D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {69E43318-5222-47D0-B6BC-5CF407746810} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7455C2FB-E24F-4EC2-845F-10498AC1A94A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {759D4F22-2F7F-4FD3-AA0A-22545305F78D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9786CC1D-C5ED-414C-9C30-A2FC4FA526BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6C63C53-DF2F-4295-AEC2-E11E019BE82D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAE85FC7-0327-45FF-A416-D264D7AC66C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C900542C-A535-4518-B9D7-4E4ADA1F82CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD7A4A6F-0698-4D13-9D8A-FF205E00602F} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D0236D38-48E2-4598-8A92-484B93286379} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.15.0.88\WSCStub.exe [2269144 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D80C7135-C95F-4A97-BB09-F77A175994BB} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {E7CC7CBC-3B0D-4A1C-815C-6ED0808C2AB3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-04-12] (Acer Incorporated -> Acer Incorporated)
Task: {E8D31AC0-59AF-4620-AC10-7943AFEC6994} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {F0AB76E8-E79C-47B1-ABDD-1665B4D031EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F552E67C-9E6B-4184-BDF9-637BD8235FCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35fdeadb-438c-46d1-acbb-adbd7fa72440}: [DhcpNameServer] 172.10.128.12
Tcpip\..\Interfaces\{dc0c5038-4372-49f4-b4f6-4e529e1c9abe}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: sij380ty.default
FF ProfilePath: C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default [2019-06-30]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\abb-acer@amazon.com [2019-06-29] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\langpack-en-US@firefox.mozilla.org [2019-06-29]
FF Extension: (Mozilla Partner Defaults) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\partnerdefaults@mozilla.com [2019-06-29] [Legacy]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default [2019-06-30]
CHR Extension: (Prezentace) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-29]
CHR Extension: (Dokumenty) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-29]
CHR Extension: (Disk Google) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-29]
CHR Extension: (YouTube) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-29]
CHR Extension: (Tabulky) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-29]
CHR Extension: (Gmail) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-25] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [230528 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe [913128 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\BASHDefs\20190625.002\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\160F000.058\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 ETDI2C; C:\Windows\System32\drivers\ETDI2C.sys [218184 2017-11-16] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-25] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-25] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\IPSDefs\20190628.061\IDSvia64.sys [1441800 2019-06-28] (Symantec Corporation -> Symantec Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [678008 2018-11-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvac.inf_amd64_2fc0d3600c3c3d39\nvlddmkm.sys [17036560 2018-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [421312 2017-10-18] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\160F000.058\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\160F000.058\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\160F000.058\SymELAM.sys [25608 2018-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-08-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\160F000.058\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-30 09:18 - 2019-06-30 09:19 - 000028548 _____ C:\Users\j_raj\Desktop\FRST.txt
2019-06-30 09:17 - 2019-06-30 09:18 - 000000000 ____D C:\FRST
2019-06-30 09:02 - 2019-06-30 09:03 - 000000000 ____D C:\AdwCleaner
2019-06-30 09:02 - 2019-06-30 09:02 - 007025360 _____ (Malwarebytes) C:\Users\j_raj\Downloads\adwcleaner_7.3.exe
2019-06-30 09:01 - 2019-06-30 09:11 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-30 08:58 - 2019-06-30 08:58 - 002418688 _____ (Farbar) C:\Users\j_raj\Desktop\FRST64.exe
2019-06-30 08:56 - 2019-06-30 08:56 - 000003376 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___HD C:\OneDriveTemp
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Users\j_raj\AppData\Local\OneDrive
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Program Files\UNP
2019-06-29 22:40 - 2019-06-29 22:40 - 000000000 ____D C:\Users\j_raj\AppData\Local\CrashDumps
2019-06-29 22:37 - 2019-06-29 22:37 - 000001222 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2019-06-29 22:33 - 2019-06-30 08:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\NPE
2019-06-29 22:33 - 2019-06-29 22:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\DBG
2019-06-29 22:29 - 2019-06-29 22:29 - 000000000 ____D C:\Users\j_raj\AppData\Local\D3DSCache
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files\3UECHMM28T
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files (x86)\ZAfx
2019-06-29 22:23 - 2019-06-29 22:23 - 000825856 _____ C:\Default.xml
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Local\Mozilla
2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000000000 ____D C:\Users\j_raj\AppData\Local\AdvinstAnalytics
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:20 - 2019-06-29 22:21 - 000000000 ____D C:\Program Files\WinRAR
2019-06-29 22:20 - 2019-06-29 22:20 - 003145336 _____ (Alexander Roshal) C:\Users\j_raj\Downloads\winrar-x64-571.exe
2019-06-29 21:55 - 2019-06-29 21:55 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Skype
2019-06-29 21:54 - 2019-06-29 22:10 - 2050560300 _____ C:\Users\j_raj\Downloads\Microsoft Office Professional Plus 2019 v1812 Build 11126.20188 January 2019 (x86+x64).rar
2019-06-29 21:54 - 2019-06-29 21:54 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-29 21:50 - 2019-06-29 21:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 21:50 - 2019-06-29 21:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-29 21:25 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Adobe
2019-06-29 21:24 - 2019-06-29 21:24 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-29 21:23 - 2019-06-29 21:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-29 21:23 - 2019-06-29 21:23 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-06-29 21:22 - 2019-06-29 21:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-06-29 21:20 - 2019-06-29 21:20 - 000000000 ____D C:\ProgramData\Adobe
2019-06-29 21:19 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\Adobe
2019-06-29 21:18 - 2019-06-29 21:38 - 3549376512 _____ C:\Users\j_raj\Downloads\Microsoft Office 2019 ProPlus EN.iso
2019-06-29 20:55 - 2019-06-29 21:02 - 000000000 ____D C:\Users\j_raj\AppData\Local\Comms
2019-06-29 20:49 - 2019-06-30 09:04 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-29 20:49 - 2019-06-30 09:04 - 000002352 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-29 20:48 - 2019-06-29 21:16 - 000000000 ____D C:\Users\j_raj\AppData\Local\Google
2019-06-29 20:48 - 2019-06-29 20:48 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 20:48 - 2019-06-29 20:48 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel Corporation
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-29 20:47 - 2019-06-30 09:05 - 000000000 ___RD C:\Users\j_raj\OneDrive
2019-06-29 20:47 - 2019-06-29 20:47 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459309241-3523518997-2302554534-1001
2019-06-29 20:47 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\PlaceholderTileLogoFolder
2019-06-29 20:46 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\NVIDIA Corporation
2019-06-29 20:46 - 2019-06-29 20:46 - 000000000 ____D C:\Windows\oem
2019-06-29 20:45 - 2019-06-30 09:05 - 000000000 __SHD C:\Users\j_raj\IntelGraphicsProfiles
2019-06-29 20:45 - 2019-06-30 08:49 - 000000000 ____D C:\Users\j_raj\AppData\Local\Packages
2019-06-29 20:45 - 2019-06-30 08:39 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WildTangent
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Adobe
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\ConnectedDevicesPlatform
2019-06-29 20:45 - 2019-06-29 20:46 - 000000000 ____D C:\Users\j_raj\AppData\Local\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___RD C:\Users\j_raj\3D Objects
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\Users\j_raj\MicrosoftEdgeBackups
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\ProgramData\O949
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\VirtualStore
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\Publishers
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\MicrosoftEdge
2019-06-29 20:38 - 2019-06-29 20:47 - 000002371 _____ C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-29 20:38 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj
2019-06-29 20:38 - 2019-06-29 20:38 - 000000020 ___SH C:\Users\j_raj\ntuser.ini
2019-06-29 20:26 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-29 20:25 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-28 23:25 - 2019-06-28 23:25 - 000000000 _SHDL C:\Documents and Settings
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-30 11:18 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-06-30 09:14 - 2018-08-16 22:17 - 001692472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-30 09:14 - 2018-04-28 19:50 - 000718734 _____ C:\Windows\system32\perfh005.dat
2019-06-30 09:14 - 2018-04-28 19:50 - 000145494 _____ C:\Windows\system32\perfc005.dat
2019-06-30 09:14 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2019-06-30 09:09 - 2018-04-11 22:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-30 09:05 - 2018-08-16 22:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-30 09:05 - 2018-08-16 22:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-30 09:05 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-30 09:04 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-30 09:03 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-30 08:56 - 2018-08-16 23:00 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-30 08:49 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\OEM
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-30 08:47 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\Acer
2019-06-30 08:47 - 2018-04-28 05:48 - 000000000 ___HD C:\OEM
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\WildTangent
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2019-06-30 08:23 - 2018-08-16 22:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-29 22:40 - 2018-08-16 22:05 - 000404904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-29 22:33 - 2018-08-16 23:00 - 000000000 ____D C:\ProgramData\Norton
2019-06-29 21:50 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-29 20:47 - 2018-08-16 22:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-29 20:45 - 2018-08-16 22:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-29 20:27 - 2018-08-16 22:25 - 000000000 ____D C:\Windows\system32\Intel
2019-06-29 20:26 - 2018-08-16 22:40 - 000003325 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-29 20:23 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-28 23:25 - 2018-08-16 22:48 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-06-28 23:25 - 2018-08-16 22:30 - 000003176 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:30 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002786 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:14 - 000002770 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
==================== Files in the root of some directories ================
2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ () C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ () C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ () C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ () C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ () C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ () C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ () C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ () C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000032038 _____ () C:\Users\j_raj\AppData\Local\uninstall_temp.ico
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by j_raj (30-06-2019 09:20:01)
Running from C:\Users\j_raj\Desktop
Windows 10 Home Version 1803 17134.81 (X64) (2019-06-28 22:26:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1459309241-3523518997-2302554534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1459309241-3523518997-2302554534-503 - Limited - Disabled)
Guest (S-1-5-21-1459309241-3523518997-2302554534-501 - Limited - Disabled)
j_raj (S-1-5-21-1459309241-3523518997-2302554534-1001 - Administrator - Enabled) => C:\Users\j_raj
WDAGUtilityAccount (S-1-5-21-1459309241-3523518997-2302554534-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ce28f51d-8881-481e-a776-0052065f05f0}) (Version: 20.50.2 - Intel Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
SafeFinder (HKLM-x32\...\{A9233103-267B-4DD6-B644-C3C94B1C227C}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxDTCM.dll [2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Loaded Modules (Whitelisted) ==============
2019-06-29 22:21 - 2019-06-29 22:21 - 000698368 _____ () [File not signed] C:\Program Files (x86)\Google\Chrome\Application\WINMM.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2019-06-29 22:37 - 000000054 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DFA93940-8EB8-4A57-8A3B-D2EE46327B12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C5ACB09-66F7-4B0B-9467-BBAF0ECCAEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{202EBFAD-5114-4CEB-869A-B6EA6C6001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{07FA4CAB-2A9E-4568-BD65-EB58BE40F80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A3FC01-12AB-4170-B594-DC42B021C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC3223C8-2F67-4EB7-BA7D-10AC05AA373F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{41C3F41E-B198-4535-8683-6BD7AA2FDC80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [{60F0B725-8128-49E7-92B0-051817F98238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4C98EA4-F3AF-405E-AFC1-889DDCC7863E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85365AE4-E307-4C06-903C-0DDC029CCC83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F0688C-3525-453B-99E7-B56FC84E5B5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6B53094-2CEB-442A-A612-844C00C0A852}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3E69E79-C453-4B67-B766-C0FA6BB67683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79520803-3080-4DFD-B1C4-4CF9E919612B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44F3A0EC-115B-480F-A568-2DB778821267}] => (Allow) C:\Windows\rss\csrss.exe No File
FirewallRules: [{72716457-24DC-43C7-AE2A-7A0056B69E99}] => (Allow) C:\Users\j_raj\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No File
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2019 08:46:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
Error: (06/30/2019 08:46:43 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
Error: (06/30/2019 08:46:42 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
Error: (06/29/2019 10:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 3.1.8002.0, time stamp: 0x5aff9afe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffd9e947598
Faulting process id: 0x263c
Faulting application start time: 0x01d52eb39b5de97a
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: unknown
Report Id: 01af517b-5967-4747-900d-d1a82e19f84b
Faulting package full name:
Faulting package-relative application ID:
Error: (06/29/2019 10:40:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at Acer.CareCenter.ACCStd.MainWindow.Window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
at System.Windows.Window.InternalClose(Boolean, Boolean)
at System.Windows.Application.DoShutdown()
at System.Windows.Application.ShutdownImpl()
at System.Windows.Application.ShutdownCallback(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at ACCStd.App.Main()
Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)
Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)
Error: (06/29/2019 09:54:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (06/30/2019 09:15:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:07:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:06:28 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:05:41 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscCloudBackupProvider
and APPID
Unavailable
to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\system32\IntelWifiIhv04.dll
Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\system32\IntelWifiIhv04.dll
Windows Defender:
===================================
Date: 2019-06-30 09:10:17.453
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.07 05/25/2018
Motherboard: KBL Strongbow_KL
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 42%
Total physical RAM: 8076.47 MB
Available physical RAM: 4608.02 MB
Total Virtual: 9996.47 MB
Available Virtual: 6149.58 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:424.32 GB) NTFS
\\?\Volume{6d13d745-41ce-400b-8e87-a56a6428b06f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{d93cd461-1702-44de-8de8-506f86aa1d6f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C21053F6)
Partition: GPT.
==================== End of Addition.txt ============================