Northon Detect [Multitimer] and more

Mikos
Visitor
Posts: 5
Registered: 30 Jun 2019 09:23

#1 Post by Mikos »

Hello,
I deleted some suspicious applications that I had, and as a check I would like to know whether it is OK now. Thank you.

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by j_raj (administrator) on LAPTOP-O4MKONJ4 (Acer Swift SF314-54G) (30-06-2019 09:18:21)
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\j_raj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-04-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18570424 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1537312 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-29] (Google LLC -> Google LLC)
InternetURL: C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BznMMQqmAG.url -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13E4CBEE-84ED-4E55-A88D-1C57891ECB2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C7E105-8788-4C90-BACA-0A1BBEF760AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1993A166-6C5B-4039-B3C2-7A2D8F754B41} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D14B2B8-077C-4BB4-AEBE-22F4C9295000} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [393728 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {21F0256A-4E92-4CD8-A187-6D393557CE09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23132A80-F4A7-4678-A28A-CDFAEF92BEA6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {233C1E93-F1E4-444A-AB62-4069F9182E10} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3149E6C0-2473-417E-8C31-6BD934A2D385} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87120 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F7E40FF-CCC1-40D1-B6CC-5E63C67A3318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)
Task: {6428BADA-B0B3-445A-B0CA-B9DBD875739D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {69E43318-5222-47D0-B6BC-5CF407746810} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7455C2FB-E24F-4EC2-845F-10498AC1A94A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {759D4F22-2F7F-4FD3-AA0A-22545305F78D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9786CC1D-C5ED-414C-9C30-A2FC4FA526BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6C63C53-DF2F-4295-AEC2-E11E019BE82D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAE85FC7-0327-45FF-A416-D264D7AC66C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C900542C-A535-4518-B9D7-4E4ADA1F82CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD7A4A6F-0698-4D13-9D8A-FF205E00602F} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D0236D38-48E2-4598-8A92-484B93286379} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.15.0.88\WSCStub.exe [2269144 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D80C7135-C95F-4A97-BB09-F77A175994BB} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {E7CC7CBC-3B0D-4A1C-815C-6ED0808C2AB3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-04-12] (Acer Incorporated -> Acer Incorporated)
Task: {E8D31AC0-59AF-4620-AC10-7943AFEC6994} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {F0AB76E8-E79C-47B1-ABDD-1665B4D031EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F552E67C-9E6B-4184-BDF9-637BD8235FCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35fdeadb-438c-46d1-acbb-adbd7fa72440}: [DhcpNameServer] 172.10.128.12
Tcpip\..\Interfaces\{dc0c5038-4372-49f4-b4f6-4e529e1c9abe}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: sij380ty.default
FF ProfilePath: C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default [2019-06-30]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\abb-acer@amazon.com [2019-06-29] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\langpack-en-US@firefox.mozilla.org [2019-06-29]
FF Extension: (Mozilla Partner Defaults) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\partnerdefaults@mozilla.com [2019-06-29] [Legacy]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default [2019-06-30]
CHR Extension: (Prezentace) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-29]
CHR Extension: (Dokumenty) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-29]
CHR Extension: (Disk Google) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-29]
CHR Extension: (YouTube) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-29]
CHR Extension: (Tabulky) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-29]
CHR Extension: (Gmail) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-25] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [230528 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe [913128 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\BASHDefs\20190625.002\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\160F000.058\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 ETDI2C; C:\Windows\System32\drivers\ETDI2C.sys [218184 2017-11-16] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-25] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-25] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\IPSDefs\20190628.061\IDSvia64.sys [1441800 2019-06-28] (Symantec Corporation -> Symantec Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [678008 2018-11-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvac.inf_amd64_2fc0d3600c3c3d39\nvlddmkm.sys [17036560 2018-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [421312 2017-10-18] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\160F000.058\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\160F000.058\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\160F000.058\SymELAM.sys [25608 2018-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-08-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\160F000.058\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-30 09:18 - 2019-06-30 09:19 - 000028548 _____ C:\Users\j_raj\Desktop\FRST.txt
2019-06-30 09:17 - 2019-06-30 09:18 - 000000000 ____D C:\FRST
2019-06-30 09:02 - 2019-06-30 09:03 - 000000000 ____D C:\AdwCleaner
2019-06-30 09:02 - 2019-06-30 09:02 - 007025360 _____ (Malwarebytes) C:\Users\j_raj\Downloads\adwcleaner_7.3.exe
2019-06-30 09:01 - 2019-06-30 09:11 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-30 08:58 - 2019-06-30 08:58 - 002418688 _____ (Farbar) C:\Users\j_raj\Desktop\FRST64.exe
2019-06-30 08:56 - 2019-06-30 08:56 - 000003376 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___HD C:\OneDriveTemp
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Users\j_raj\AppData\Local\OneDrive
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Program Files\UNP
2019-06-29 22:40 - 2019-06-29 22:40 - 000000000 ____D C:\Users\j_raj\AppData\Local\CrashDumps
2019-06-29 22:37 - 2019-06-29 22:37 - 000001222 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2019-06-29 22:33 - 2019-06-30 08:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\NPE
2019-06-29 22:33 - 2019-06-29 22:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\DBG
2019-06-29 22:29 - 2019-06-29 22:29 - 000000000 ____D C:\Users\j_raj\AppData\Local\D3DSCache
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files\3UECHMM28T
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files (x86)\ZAfx
2019-06-29 22:23 - 2019-06-29 22:23 - 000825856 _____ C:\Default.xml
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Local\Mozilla
2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000000000 ____D C:\Users\j_raj\AppData\Local\AdvinstAnalytics
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:20 - 2019-06-29 22:21 - 000000000 ____D C:\Program Files\WinRAR
2019-06-29 22:20 - 2019-06-29 22:20 - 003145336 _____ (Alexander Roshal) C:\Users\j_raj\Downloads\winrar-x64-571.exe
2019-06-29 21:55 - 2019-06-29 21:55 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Skype
2019-06-29 21:54 - 2019-06-29 22:10 - 2050560300 _____ C:\Users\j_raj\Downloads\Microsoft Office Professional Plus 2019 v1812 Build 11126.20188 January 2019 (x86+x64).rar
2019-06-29 21:54 - 2019-06-29 21:54 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-29 21:50 - 2019-06-29 21:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 21:50 - 2019-06-29 21:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-29 21:25 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Adobe
2019-06-29 21:24 - 2019-06-29 21:24 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-29 21:23 - 2019-06-29 21:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-29 21:23 - 2019-06-29 21:23 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-06-29 21:22 - 2019-06-29 21:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-06-29 21:20 - 2019-06-29 21:20 - 000000000 ____D C:\ProgramData\Adobe
2019-06-29 21:19 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\Adobe
2019-06-29 21:18 - 2019-06-29 21:38 - 3549376512 _____ C:\Users\j_raj\Downloads\Microsoft Office 2019 ProPlus EN.iso
2019-06-29 20:55 - 2019-06-29 21:02 - 000000000 ____D C:\Users\j_raj\AppData\Local\Comms
2019-06-29 20:49 - 2019-06-30 09:04 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-29 20:49 - 2019-06-30 09:04 - 000002352 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-29 20:48 - 2019-06-29 21:16 - 000000000 ____D C:\Users\j_raj\AppData\Local\Google
2019-06-29 20:48 - 2019-06-29 20:48 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 20:48 - 2019-06-29 20:48 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel Corporation
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-29 20:47 - 2019-06-30 09:05 - 000000000 ___RD C:\Users\j_raj\OneDrive
2019-06-29 20:47 - 2019-06-29 20:47 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459309241-3523518997-2302554534-1001
2019-06-29 20:47 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\PlaceholderTileLogoFolder
2019-06-29 20:46 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\NVIDIA Corporation
2019-06-29 20:46 - 2019-06-29 20:46 - 000000000 ____D C:\Windows\oem
2019-06-29 20:45 - 2019-06-30 09:05 - 000000000 __SHD C:\Users\j_raj\IntelGraphicsProfiles
2019-06-29 20:45 - 2019-06-30 08:49 - 000000000 ____D C:\Users\j_raj\AppData\Local\Packages
2019-06-29 20:45 - 2019-06-30 08:39 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WildTangent
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Adobe
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\ConnectedDevicesPlatform
2019-06-29 20:45 - 2019-06-29 20:46 - 000000000 ____D C:\Users\j_raj\AppData\Local\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___RD C:\Users\j_raj\3D Objects
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\Users\j_raj\MicrosoftEdgeBackups
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\ProgramData\O949
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\VirtualStore
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\Publishers
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\MicrosoftEdge
2019-06-29 20:38 - 2019-06-29 20:47 - 000002371 _____ C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-29 20:38 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj
2019-06-29 20:38 - 2019-06-29 20:38 - 000000020 ___SH C:\Users\j_raj\ntuser.ini
2019-06-29 20:26 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-29 20:25 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-28 23:25 - 2019-06-28 23:25 - 000000000 _SHDL C:\Documents and Settings

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-30 11:18 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-06-30 09:14 - 2018-08-16 22:17 - 001692472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-30 09:14 - 2018-04-28 19:50 - 000718734 _____ C:\Windows\system32\perfh005.dat
2019-06-30 09:14 - 2018-04-28 19:50 - 000145494 _____ C:\Windows\system32\perfc005.dat
2019-06-30 09:14 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2019-06-30 09:09 - 2018-04-11 22:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-30 09:05 - 2018-08-16 22:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-30 09:05 - 2018-08-16 22:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-30 09:05 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-30 09:04 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-30 09:03 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-30 08:56 - 2018-08-16 23:00 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-30 08:49 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\OEM
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-30 08:47 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\Acer
2019-06-30 08:47 - 2018-04-28 05:48 - 000000000 ___HD C:\OEM
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\WildTangent
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2019-06-30 08:23 - 2018-08-16 22:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-29 22:40 - 2018-08-16 22:05 - 000404904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-29 22:33 - 2018-08-16 23:00 - 000000000 ____D C:\ProgramData\Norton
2019-06-29 21:50 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-29 20:47 - 2018-08-16 22:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-29 20:45 - 2018-08-16 22:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-29 20:27 - 2018-08-16 22:25 - 000000000 ____D C:\Windows\system32\Intel
2019-06-29 20:26 - 2018-08-16 22:40 - 000003325 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-29 20:23 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-28 23:25 - 2018-08-16 22:48 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-06-28 23:25 - 2018-08-16 22:30 - 000003176 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:30 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002786 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:14 - 000002770 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2

==================== Files in the root of some directories ================

2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ () C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ () C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ () C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ () C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ () C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ () C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ () C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ () C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000032038 _____ () C:\Users\j_raj\AppData\Local\uninstall_temp.ico

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by j_raj (30-06-2019 09:20:01)
Running from C:\Users\j_raj\Desktop
Windows 10 Home Version 1803 17134.81 (X64) (2019-06-28 22:26:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1459309241-3523518997-2302554534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1459309241-3523518997-2302554534-503 - Limited - Disabled)
Guest (S-1-5-21-1459309241-3523518997-2302554534-501 - Limited - Disabled)
j_raj (S-1-5-21-1459309241-3523518997-2302554534-1001 - Administrator - Enabled) => C:\Users\j_raj
WDAGUtilityAccount (S-1-5-21-1459309241-3523518997-2302554534-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ce28f51d-8881-481e-a776-0052065f05f0}) (Version: 20.50.2 - Intel Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
SafeFinder (HKLM-x32\...\{A9233103-267B-4DD6-B644-C3C94B1C227C}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxDTCM.dll [2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2019-06-29 22:21 - 2019-06-29 22:21 - 000698368 _____ () [File not signed] C:\Program Files (x86)\Google\Chrome\Application\WINMM.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-06-29 22:37 - 000000054 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DFA93940-8EB8-4A57-8A3B-D2EE46327B12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C5ACB09-66F7-4B0B-9467-BBAF0ECCAEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{202EBFAD-5114-4CEB-869A-B6EA6C6001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{07FA4CAB-2A9E-4568-BD65-EB58BE40F80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A3FC01-12AB-4170-B594-DC42B021C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC3223C8-2F67-4EB7-BA7D-10AC05AA373F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{41C3F41E-B198-4535-8683-6BD7AA2FDC80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [{60F0B725-8128-49E7-92B0-051817F98238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4C98EA4-F3AF-405E-AFC1-889DDCC7863E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85365AE4-E307-4C06-903C-0DDC029CCC83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F0688C-3525-453B-99E7-B56FC84E5B5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6B53094-2CEB-442A-A612-844C00C0A852}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3E69E79-C453-4B67-B766-C0FA6BB67683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79520803-3080-4DFD-B1C4-4CF9E919612B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44F3A0EC-115B-480F-A568-2DB778821267}] => (Allow) C:\Windows\rss\csrss.exe No File
FirewallRules: [{72716457-24DC-43C7-AE2A-7A0056B69E99}] => (Allow) C:\Users\j_raj\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2019 08:46:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 08:46:43 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 08:46:42 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/29/2019 10:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 3.1.8002.0, time stamp: 0x5aff9afe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffd9e947598
Faulting process id: 0x263c
Faulting application start time: 0x01d52eb39b5de97a
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: unknown
Report Id: 01af517b-5967-4747-900d-d1a82e19f84b
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/29/2019 10:40:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Acer.CareCenter.ACCStd.MainWindow.Window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Application.DoShutdown()
   at System.Windows.Application.ShutdownImpl()
   at System.Windows.Application.ShutdownCallback(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at ACCStd.App.Main()

Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)

Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)

Error: (06/29/2019 09:54:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/30/2019 09:15:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:07:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:06:28 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:41 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv04.dll

Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv04.dll


Windows Defender:
===================================
Date: 2019-06-30 09:10:17.453
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.07 05/25/2018
Motherboard: KBL Strongbow_KL
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 42%
Total physical RAM: 8076.47 MB
Available physical RAM: 4608.02 MB
Total Virtual: 9996.47 MB
Available Virtual: 6149.58 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:424.32 GB) NTFS

\\?\Volume{6d13d745-41ce-400b-8e87-a56a6428b06f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{d93cd461-1702-44de-8de8-506f86aa1d6f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C21053F6)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Northon Detect [Multitimer] and more

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with an ordinary double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Mikos
Visitor
Posts: 5
Registered: 30 Jun 2019 09:23

Re: Northon Detect [Multitimer] and more

#3 Post by Mikos »

Code:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-30-2019
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted       C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9822 octets] - [30/06/2019 10:03:11]
AdwCleaner[C00].txt - [8504 octets] - [30/06/2019 10:03:30]
AdwCleaner[S01].txt - [1520 octets] - [30/06/2019 10:04:33]
AdwCleaner[C01].txt - [1668 octets] - [30/06/2019 10:04:42]
AdwCleaner[S02].txt - [1642 octets] - [30/06/2019 13:08:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Northon Detect [Multitimer] and more

#4 Post by Rudy »

Post new FRST+Addition logs.

Mikos
Visitor
Posts: 5
Registered: 30 Jun 2019 09:23

Re: Northon Detect [Multitimer] and more

#5 Post by Mikos »

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2019
Ran by j_raj (administrator) on LAPTOP-O4MKONJ4 (Acer Swift SF314-54G) (01-07-2019 21:21:04)
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-04-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18570424 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1537312 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993192 2019-06-11] (Google LLC -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-29] (Google LLC -> Google LLC)
InternetURL: C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BznMMQqmAG.url -> 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35fdeadb-438c-46d1-acbb-adbd7fa72440}: [DhcpNameServer] 172.10.128.12
Tcpip\..\Interfaces\{dc0c5038-4372-49f4-b4f6-4e529e1c9abe}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: sij380ty.default
FF ProfilePath: C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default [2019-07-01]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\abb-acer@amazon.com [2019-06-29] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\langpack-en-US@firefox.mozilla.org [2019-06-29]
FF Extension: (Mozilla Partner Defaults) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\partnerdefaults@mozilla.com [2019-06-29] [Legacy]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default [2019-07-01]
CHR Extension: (Prezentace) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-29]
CHR Extension: (Dokumenty) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-29]
CHR Extension: (Disk Google) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-29]
CHR Extension: (YouTube) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-29]
CHR Extension: (Tabulky) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-29]
CHR Extension: (Gmail) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-25] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [230528 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.16.2.22\NortonSecurity.exe [328648 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 nsWscSvc; C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe [913128 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\BASHDefs\20190625.002\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\1610020.016\ccSetx64.sys [189120 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 ETDI2C; C:\Windows\System32\drivers\ETDI2C.sys [218184 2017-11-16] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-25] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-25] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\IPSDefs\20190628.061\IDSvia64.sys [1441800 2019-06-28] (Symantec Corporation -> Symantec Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [678008 2018-11-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvac.inf_amd64_2fc0d3600c3c3d39\nvlddmkm.sys [17036560 2018-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [421312 2017-10-18] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\1610020.016\SRTSPX64.SYS [49648 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1610020.016\SYMEFASI64.SYS [1969328 2018-11-03] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1610020.016\SymELAM.sys [25744 2018-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-08-17] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\1610020.016\Ironx64.SYS [308416 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-01 21:19 - 2019-07-01 21:19 - 000000000 ____D C:\Users\j_raj\Desktop\FRST-OlderVersion
2019-07-01 18:42 - 2019-07-01 18:42 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-30 14:13 - 2019-06-30 14:13 - 000000000 ____D C:\Users\j_raj\Documents\Custom Office Templates
2019-06-30 13:37 - 2019-07-01 18:30 - 000000000 ___RD C:\Users\j_raj\Google Drive
2019-06-30 13:37 - 2019-06-30 13:37 - 000001768 _____ C:\Users\j_raj\Desktop\Google Drive.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-06-30 13:35 - 2019-06-30 13:35 - 000000000 ____D C:\Program Files\Google
2019-06-30 13:33 - 2019-06-30 13:33 - 001151544 _____ (Google LLC) C:\Users\j_raj\Downloads\installbackupandsync.exe
2019-06-30 10:54 - 2019-06-30 10:54 - 000055190 _____ C:\Users\j_raj\Documents\cc_20190630_095409.reg
2019-06-30 10:51 - 2019-06-30 10:51 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-30 10:51 - 2019-06-30 10:51 - 000002888 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-30 10:51 - 2019-06-30 10:51 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-30 10:51 - 2019-06-30 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-30 10:51 - 2019-06-30 10:51 - 000000000 ____D C:\Program Files\CCleaner
2019-06-30 10:50 - 2019-06-30 10:50 - 020650160 _____ (Piriform Software Ltd) C:\Users\j_raj\Downloads\ccsetup559.exe
2019-06-30 10:47 - 2019-07-01 18:33 - 000004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{814DDB56-74B0-40C5-98BD-DA078CBCE763}
2019-06-30 10:47 - 2019-06-30 10:47 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Macromedia
2019-06-30 10:18 - 2019-07-01 21:21 - 000023795 _____ C:\Users\j_raj\Desktop\FRST.txt
2019-06-30 10:17 - 2019-07-01 21:20 - 000000000 ____D C:\FRST
2019-06-30 10:02 - 2019-06-30 10:03 - 000000000 ____D C:\AdwCleaner
2019-06-30 10:02 - 2019-06-30 10:02 - 007025360 _____ (Malwarebytes) C:\Users\j_raj\Downloads\adwcleaner_7.3.exe
2019-06-30 10:01 - 2019-06-30 17:16 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-30 09:58 - 2019-07-01 21:19 - 002419200 _____ (Farbar) C:\Users\j_raj\Desktop\FRST64.exe
2019-06-30 09:56 - 2019-06-30 09:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-30 09:24 - 2019-06-30 09:24 - 000000000 ____D C:\Users\j_raj\AppData\Local\OneDrive
2019-06-30 09:24 - 2019-06-30 09:24 - 000000000 ____D C:\Program Files\UNP
2019-06-29 23:40 - 2019-06-30 10:53 - 000000000 ____D C:\Users\j_raj\AppData\Local\CrashDumps
2019-06-29 23:37 - 2019-06-29 23:37 - 000001222 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2019-06-29 23:33 - 2019-06-30 09:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\NPE
2019-06-29 23:33 - 2019-06-29 23:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\DBG
2019-06-29 23:29 - 2019-06-29 23:29 - 000000000 ____D C:\Users\j_raj\AppData\Local\D3DSCache
2019-06-29 23:23 - 2019-07-01 07:54 - 000000000 ____D C:\Program Files\3UECHMM28T
2019-06-29 23:23 - 2019-06-29 23:40 - 000000000 ____D C:\Program Files (x86)\ZAfx
2019-06-29 23:23 - 2019-06-29 23:23 - 000825856 _____ C:\Default.xml
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Mozilla
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Mozilla
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\Local\Mozilla
2019-06-29 23:22 - 2019-06-29 23:22 - 007942656 _____ C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 002039541 _____ C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000722944 _____ C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 23:22 - 2019-06-29 23:22 - 000140800 _____ C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000072787 _____ C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000070992 _____ C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000054272 _____ C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000005568 _____ C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000000000 ____D C:\Users\j_raj\AppData\Local\AdvinstAnalytics
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WinRAR
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 23:20 - 2019-06-29 23:21 - 000000000 ____D C:\Program Files\WinRAR
2019-06-29 23:20 - 2019-06-29 23:20 - 003145336 _____ (Alexander Roshal) C:\Users\j_raj\Downloads\winrar-x64-571.exe
2019-06-29 22:55 - 2019-06-29 22:55 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Skype
2019-06-29 22:54 - 2019-06-29 23:10 - 2050560300 _____ C:\Users\j_raj\Downloads\Microsoft Office Professional Plus 2019 v1812 Build 11126.20188 January 2019 (x86+x64).rar
2019-06-29 22:50 - 2019-07-01 18:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 22:50 - 2019-06-29 22:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-29 22:25 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Adobe
2019-06-29 22:24 - 2019-07-01 21:20 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-29 22:23 - 2019-07-01 21:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-29 22:23 - 2019-06-29 22:23 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-06-29 22:22 - 2019-06-29 22:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-06-29 22:20 - 2019-07-01 05:12 - 000000000 ____D C:\ProgramData\Adobe
2019-06-29 22:19 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\Adobe
2019-06-29 22:18 - 2019-06-29 22:38 - 3549376512 _____ C:\Users\j_raj\Downloads\Microsoft Office 2019 ProPlus EN.iso
2019-06-29 21:55 - 2019-06-29 22:02 - 000000000 ____D C:\Users\j_raj\AppData\Local\Comms
2019-06-29 21:49 - 2019-06-30 13:09 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-29 21:49 - 2019-06-30 13:09 - 000002352 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-29 21:48 - 2019-06-30 13:35 - 000000000 ____D C:\Users\j_raj\AppData\Local\Google
2019-06-29 21:48 - 2019-06-29 21:48 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 21:48 - 2019-06-29 21:48 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 21:48 - 2019-06-29 21:48 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel Corporation
2019-06-29 21:48 - 2019-06-29 21:48 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-29 21:47 - 2019-06-30 10:38 - 000000000 ___RD C:\Users\j_raj\OneDrive
2019-06-29 21:47 - 2019-06-29 21:47 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459309241-3523518997-2302554534-1001
2019-06-29 21:47 - 2019-06-29 21:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\PlaceholderTileLogoFolder
2019-06-29 21:46 - 2019-07-01 18:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\NVIDIA Corporation
2019-06-29 21:46 - 2019-06-29 21:46 - 000000000 ____D C:\Windows\oem
2019-06-29 21:45 - 2019-07-01 19:36 - 000000000 ____D C:\Users\j_raj\AppData\Local\Packages
2019-06-29 21:45 - 2019-07-01 18:30 - 000000000 __SHD C:\Users\j_raj\IntelGraphicsProfiles
2019-06-29 21:45 - 2019-06-30 09:39 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WildTangent
2019-06-29 21:45 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Adobe
2019-06-29 21:45 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\ConnectedDevicesPlatform
2019-06-29 21:45 - 2019-06-29 21:46 - 000000000 ____D C:\Users\j_raj\AppData\Local\Intel
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___RD C:\Users\j_raj\3D Objects
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___HD C:\Users\j_raj\MicrosoftEdgeBackups
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___HD C:\ProgramData\O949
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\VirtualStore
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\Publishers
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\MicrosoftEdge
2019-06-29 21:38 - 2019-06-30 13:37 - 000000000 ____D C:\Users\j_raj
2019-06-29 21:38 - 2019-06-29 21:47 - 000002371 _____ C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-29 21:38 - 2019-06-29 21:38 - 000000020 ___SH C:\Users\j_raj\ntuser.ini
2019-06-29 21:26 - 2019-06-29 21:26 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-29 21:25 - 2019-06-29 21:26 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-29 00:25 - 2019-06-29 00:25 - 000000000 _SHDL C:\Documents and Settings

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-01 21:19 - 2018-08-16 23:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-01 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-01 19:14 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-01 18:43 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-07-01 18:33 - 2018-08-16 23:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-01 07:52 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2019-06-30 16:45 - 2018-08-17 00:00 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-30 13:14 - 2018-08-16 23:17 - 001692472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-30 13:14 - 2018-04-28 20:50 - 000718734 _____ C:\Windows\system32\perfh005.dat
2019-06-30 13:14 - 2018-04-28 20:50 - 000145494 _____ C:\Windows\system32\perfc005.dat
2019-06-30 13:10 - 2018-08-16 23:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-30 13:09 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-30 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-06-30 10:53 - 2018-08-17 00:04 - 000000000 ____D C:\Windows\Panther
2019-06-30 10:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 10:09 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-30 10:03 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-30 09:49 - 2018-08-16 23:48 - 000000000 ____D C:\ProgramData\OEM
2019-06-30 09:47 - 2018-08-16 23:48 - 000000000 ____D C:\ProgramData\Acer
2019-06-30 09:47 - 2018-04-28 06:48 - 000000000 ___HD C:\OEM
2019-06-30 09:40 - 2018-08-16 23:57 - 000000000 ____D C:\ProgramData\WildTangent
2019-06-30 09:40 - 2018-08-16 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2019-06-29 23:40 - 2018-08-16 23:05 - 000404904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-29 23:33 - 2018-08-17 00:00 - 000000000 ____D C:\ProgramData\Norton
2019-06-29 22:50 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-29 21:47 - 2018-08-16 23:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-29 21:45 - 2018-08-16 23:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-29 21:27 - 2018-08-16 23:25 - 000000000 ____D C:\Windows\system32\Intel
2019-06-29 21:26 - 2018-08-16 23:40 - 000003325 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2019-06-29 21:26 - 2018-08-16 23:40 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-29 21:26 - 2018-08-16 23:40 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-29 21:23 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-29 00:25 - 2018-08-16 23:48 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-06-29 00:25 - 2018-08-16 23:30 - 000003176 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:30 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002786 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:14 - 000002770 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2

==================== Files in the root of some directories ================

2019-06-29 23:22 - 2019-06-29 23:22 - 007942656 _____ () C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000054272 _____ () C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000070992 _____ () C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000140800 _____ () C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 002039541 _____ () C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000005568 _____ () C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000722944 _____ () C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 23:22 - 2019-06-29 23:22 - 000072787 _____ () C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000032038 _____ () C:\Users\j_raj\AppData\Local\uninstall_temp.ico

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Code: Select all

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2019
Ran by j_raj (01-07-2019 21:22:09)
Running from C:\Users\j_raj\Desktop
Windows 10 Home Version 1803 17134.81 (X64) (2019-06-28 22:26:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1459309241-3523518997-2302554534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1459309241-3523518997-2302554534-503 - Limited - Disabled)
Guest (S-1-5-21-1459309241-3523518997-2302554534-501 - Limited - Disabled)
j_raj (S-1-5-21-1459309241-3523518997-2302554534-1001 - Administrator - Enabled) => C:\Users\j_raj
WDAGUtilityAccount (S-1-5-21-1459309241-3523518997-2302554534-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{A8306899-468A-4C8D-B7A7-0787C3956186}) (Version: 3.45.5264.1408 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ce28f51d-8881-481e-a776-0052065f05f0}) (Version: 20.50.2 - Intel Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-11] (Google LLC -> Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-11] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxDTCM.dll [2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2019-07-01 18:30 - 2019-07-01 18:30 - 000113664 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_ctypes.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000173568 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_elementtree.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001800192 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_hashlib.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000032256 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_multiprocessing.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000046080 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_psutil_windows.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000047616 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_socket.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 002230784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_ssl.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000026112 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_yappi.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000080896 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\bz2.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 006277632 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\cello.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000014848 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\common.time34.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000007680 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\hashobjs_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000301568 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\PIL._imaging.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000169472 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pyexpat.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001084416 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pysqlite2._sqlite.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000548864 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pythoncom27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000137728 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pywintypes27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000010752 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\select.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020992 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\thumbnails_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000689664 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\unicodedata.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000118784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\usb_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000128512 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32api.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000438784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32com.shell.shell.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000011776 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32crypt.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000023040 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32event.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000149504 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32file.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000223232 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32gui.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000048128 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32inet.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000029696 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32pdh.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000027648 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32pipe.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000044032 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32process.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020480 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32profile.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000136192 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32security.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000026624 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32ts.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000034304 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.conditional.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000038400 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.connectivity.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000073216 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.device_monitor.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000110592 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.volumes.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020480 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.winwrap.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001325056 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._controls_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001489408 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._core_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001007104 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._gdi_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000103424 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._html2.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000916992 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._misc_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001039872 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._windows_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\python27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxbase30u_net_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxbase30u_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_adv_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_core_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_html_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-06-29 23:37 - 000000054 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DFA93940-8EB8-4A57-8A3B-D2EE46327B12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C5ACB09-66F7-4B0B-9467-BBAF0ECCAEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{202EBFAD-5114-4CEB-869A-B6EA6C6001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{07FA4CAB-2A9E-4568-BD65-EB58BE40F80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A3FC01-12AB-4170-B594-DC42B021C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC3223C8-2F67-4EB7-BA7D-10AC05AA373F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{60F0B725-8128-49E7-92B0-051817F98238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4C98EA4-F3AF-405E-AFC1-889DDCC7863E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F0688C-3525-453B-99E7-B56FC84E5B5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3E69E79-C453-4B67-B766-C0FA6BB67683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07718990-B78D-4E78-BC24-5B920D6617B4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6999FEDA-7D55-41A4-ADDE-3047E6B88215}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D35E526D-E9B4-4E97-846F-D3E67F2CB4AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2019 07:21:51 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (07/01/2019 07:18:47 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (06/30/2019 04:45:36 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (06/30/2019 09:46:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 09:46:43 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 09:46:42 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/29/2019 11:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 3.1.8002.0, time stamp: 0x5aff9afe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffd9e947598
Faulting process id: 0x263c
Faulting application start time: 0x01d52eb39b5de97a
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: unknown
Report Id: 01af517b-5967-4747-900d-d1a82e19f84b
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/29/2019 11:40:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Acer.CareCenter.ACCStd.MainWindow.Window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Application.DoShutdown()
   at System.Windows.Application.ShutdownImpl()
   at System.Windows.Application.ShutdownCallback(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at ACCStd.App.Main()


System errors:
=============
Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Browser service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Auto Time Zone Updater service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Browser service to connect.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Auto Time Zone Updater service to connect.

Error: (07/01/2019 07:35:39 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-22437607-2858213274-1821620892-3814493774-3337350692-3136916095-4195425740). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 07:31:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2869185864-805672686-958563347-1125664951-3623643158-81981776-3601075226). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 06:30:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 06:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-30 10:10:17.453
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.07 05/25/2018
Motherboard: KBL Strongbow_KL
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 40%
Total physical RAM: 8076.47 MB
Available physical RAM: 4819.18 MB
Total Virtual: 9996.47 MB
Available Virtual: 5843.63 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:422.28 GB) NTFS

\\?\Volume{6d13d745-41ce-400b-8e87-a56a6428b06f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{d93cd461-1702-44de-8de8-506f86aa1d6f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C21053F6)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Northon Detect [Multitimer] and more

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Mikos
Visitor
Posts: 5
Joined: 30 Jun 2019 09:23

Re: Northon Detect [Multitimer] and more

#7 Post by Mikos »

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2019
Ran by j_raj (02-07-2019 06:25:49) Run:1
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\LastGood.Tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29633631 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 10483483 B
Edge => 3597 B
Chrome => 372650890 B
Firefox => 8248894 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1814 B
LocalService => 0 B
NetworkService => 134944456 B
NetworkService => 0 B
j_raj => 205057137 B

RecycleBin => 50458 B
EmptyTemp: => 732.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:26:08 ====

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Northon Detect [Multitimer] and more

#8 Post by Rudy »

Deleted; the log should now be OK.

Mikos
Visitor
Posts: 5
Joined: 30 Jun 2019 09:23

Re: Northon Detect [Multitimer] and more

#9 Post by Mikos »

Thanks a lot! I'll keep watching to see whether anything happens :) (unfortunately it's not my laptop)

btw, I haven't been on this forum for, phew, 10-15 years, and I'm quite surprised that it still works and is so active :)

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Northon Detect [Multitimer] and more

#10 Post by Rudy »

If everything is fine, nothing further is needed. Over the years only the people here have changed. Some left, others came. But more or less we work the same way as back then. You're welcome! :)