Please check my log, I have pop-up ads on my desktop

#1 Post by element »

Hello,

For about a month now I have been getting these pop-up ads, and I have tried Malwarebytes, Spybot, NOD32, AVG, Malware Remover and I don't know what else, and I can't get rid of it. It seems to be in Chrome, in pop-up windows; I tried to find it there too, but in vain.

I'm posting the log from RSIT here

Logfile of random's system information tool 1.10 (written by random/random)
Run by T450 at 2020-01-02 16:41:58
Microsoft Windows 10 Pro
System drive C: has 35 GB (15%) free of 237 GB
Total RAM: 7888 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:42:10, on 2. 1. 2020

Thanks for the help
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files\TPFanControl\TPFanControl.exe
C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files\trend micro\T450.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [f.lux] "C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Gram MultiTool 2.lnk = C:\Users\T450\AppData\Local\gmt2\GramMultiToolUI.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Web Signer.lnk = C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
O9 - Extra button: Odoslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AvgWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_97edd2c - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcomputeagent.exe,-100 (gcs) - Unknown owner - C:\WINDOWS\system32\vmcomputeagent.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem2.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe (file missing)
O23 - Service: @oem24.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyResume Service (Lenovo Instant On) - Unknown owner - C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe (file missing)
O23 - Service: @oem2.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\WINDOWS\System32\LPlatSvc.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14411 bytes

======Listing Processes======









\??\C:\WINDOWS\system32\lsaiso.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s HvHost
C:\WINDOWS\System32\LPlatSvc.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\system32\WLANExt.exe 2989780314736
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\WINDOWS\system32\vmcompute.exe
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqddsvc
C:\WINDOWS\system32\svchost.exe -k NetSvcs -p -s hns
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer

"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\TPHKLOAD.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s SharedAccess
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -s CmService
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k NetSvcs -s nvagent
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqcxs08
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hvsics
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p

"C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s AppMgmt
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc


C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\System32\LPlatSvc.exe" -EM
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
C:\WINDOWS\System32\DriverStore\FileRepository\FNE799~1.INF\driver\TPNUMLKD.EXE \\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.LockOSD
C:\WINDOWS\System32\DriverStore\FileRepository\FNE799~1.INF\driver\TPOSD.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\WINDOWS\System32\DriverStore\FileRepository\FNE799~1.INF\driver\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\vmwp.exe" FD4BC053-3BC0-4286-9200-DDE92663075F 0x538
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}

igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.111.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\TPFanControl\TPFanControl.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\System32\hvsimgr.exe -Embedding
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe"
C:\WINDOWS\system32\HvsiRpcD.exe 1548
C:\WINDOWS\system32\HvsiRdpClient.exe 1636
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
AVGUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\T450\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\T450\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\T450\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.88 --initial-client-data=0x94,0x98,0x9c,0x90,0xa0,0x7ff84c64dd08,0x7ff84c64dd18,0x7ff84c64dd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5556 --on-initialized-event-handle=560 --parent-handle=564 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=16092734931924269192 --mojo-platform-channel-handle=1632 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=3925832955115738389 --mojo-platform-channel-handle=1684 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1737242857856662147 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10023116916835099564 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5980744509658097973 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14236558528233592015 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --extension-process --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11096792356099168461 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10028159652213668932 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=3848,2236472132712079731,17902908639119246255,131072 --no-sandbox --log-file="C:\Users\T450\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.3108)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=10846018860965488442 --mojo-platform-channel-handle=9040 /prefetch:2
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --service-sandbox-type=audio --enable-audio-service-sandbox --service-request-channel-token=15255912179525026230 --mojo-platform-channel-handle=8084 --ignored=" --type=renderer " /prefetch:8
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10893595264909057256 --renderer-client-id=696 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11654816291845680767 --renderer-client-id=891 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11280 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1104651053624755335 --renderer-client-id=908 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14624 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1079036423237201275 --renderer-client-id=913 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10692 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16503113335383797521 --renderer-client-id=915 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5067456621041519643 --renderer-client-id=916 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=16012 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10779620370035983492 --renderer-client-id=918 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe99_ Global\UsGthrCtrlFltPipeMssGthrPipe99 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 752 756 764 8192 760
"C:\Users\T450\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1620,3864551186613792096,5027350125484442363,131072 --lang=sk --disable-client-side-phishing-detection --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5285295402752441100 --renderer-client-id=919 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10724 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13 885560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13 551736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13 507192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13 885560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13 760632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 84992]
"TPFanControl"=C:\Program Files\TPFanControl\TPFanControl.exe [2013-02-02 156672]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2017-08-13 163640]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-10-08 2872400]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2019-03-24 302904]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2019-12-25 316336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2019-03-19 28832864]
"f.lux"=C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe [2019-08-30 1385480]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2019-01-15 67896]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2019-01-15 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2019-01-15 356664]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2019-01-15 67384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2019-04-18 456160]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Web Signer.lnk - C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe

C:\Users\T450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Gram MultiTool 2.lnk - C:\Users\T450\AppData\Local\gmt2\GramMultiToolUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hvsifltr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-01-02 16:41:58 ----D---- C:\rsit
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgVmm.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgStm.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgSP.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgRvrt.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgRdr2.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgMonFlt.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgKbd.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgElam.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\drivers\avgArPot.sys
2019-12-25 10:22:59 ----A---- C:\WINDOWS\system32\avgBoot.exe
2019-12-25 10:22:58 ----D---- C:\Program Files\Common Files\AVG
2019-12-25 10:22:58 ----A---- C:\WINDOWS\system32\drivers\avgSnx.sys
2019-12-25 10:22:58 ----A---- C:\WINDOWS\system32\drivers\avgbuniv.sys
2019-12-25 10:22:58 ----A---- C:\WINDOWS\system32\drivers\avgbidsh.sys
2019-12-25 10:22:58 ----A---- C:\WINDOWS\system32\drivers\avgbidsdriver.sys
2019-12-25 10:22:58 ----A---- C:\WINDOWS\system32\drivers\avgArDisk.sys
2019-12-25 10:21:41 ----D---- C:\Program Files\AVG
2019-12-22 16:49:05 ----D---- C:\Program Files\Common Files\AV
2019-12-13 18:25:47 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2019-12-13 17:25:09 ----D---- C:\Program Files\ESET
2019-12-13 13:55:05 ----D---- C:\AdwCleaner
2019-12-13 11:00:34 ----A---- C:\WINDOWS\wininit.ini
2019-12-13 09:55:19 ----D---- C:\ProgramData\Spybot - Search & Destroy
2019-12-13 09:55:13 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-12-11 15:09:00 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 15:09:00 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 15:08:59 ----A---- C:\WINDOWS\system32\ActivationVdev.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\vmchipset.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\fhcfg.dll
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-12-11 15:08:58 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2019-12-11 15:08:57 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-12-11 15:08:57 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-12-11 15:08:56 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-12-11 15:08:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-12-11 15:08:56 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-12-11 15:08:56 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-12-11 15:08:56 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-12-11 15:08:56 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-12-11 15:08:56 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-12-11 15:08:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-12-11 15:08:55 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-12-11 15:08:55 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-12-11 15:08:55 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-12-11 15:08:55 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2019-12-11 15:08:54 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\wow64win.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\lpk.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\fdProxy.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 15:08:53 ----A---- C:\WINDOWS\system32\dciman32.dll
2019-12-11 15:08:52 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\services.exe
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\msctf.dll
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-12-11 15:08:52 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\winresume.exe
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\winload.exe
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\shell32.dll
2019-12-11 15:08:51 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\win32u.dll
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\win32k.sys
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\user32.dll
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-12-11 15:08:50 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\autopilot.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 15:08:49 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 15:08:48 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 15:08:48 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-12-11 15:08:48 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-12-05 20:39:36 ----D---- C:\Users\T450\AppData\Roaming\HP
2019-12-05 10:28:32 ----D---- C:\Users\T450\AppData\Roaming\HpUpdate
2019-12-05 10:27:37 ----HD---- C:\Config.Msi
2019-12-05 10:27:08 ----N---- C:\WINDOWS\hphmdl28.dat
2019-12-05 10:27:08 ----A---- C:\WINDOWS\hphins28.dat
2019-12-03 12:00:46 ----D---- C:\WINDOWS\system32\Lenovo

======List of files/folders modified in the last 1 month======

2020-01-02 16:42:03 ----D---- C:\Program Files\trend micro
2020-01-02 16:33:58 ----D---- C:\WINDOWS\Temp
2020-01-02 16:32:28 ----DC---- C:\Users\T450\AppData\Roaming\vlc
2020-01-02 16:24:55 ----D---- C:\WINDOWS\system32\SleepStudy
2020-01-02 16:20:00 ----D---- C:\WINDOWS\system32\sru
2020-01-02 14:33:42 ----RD---- C:\WINDOWS\Microsoft.NET
2020-01-02 14:13:48 ----DC---- C:\Users\T450\AppData\Roaming\gtk-2.0
2020-01-02 14:12:12 ----D---- C:\WINDOWS\Prefetch
2020-01-02 10:14:19 ----D---- C:\WINDOWS\System32
2020-01-02 10:14:19 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-01 23:55:46 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-01 21:57:31 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-01-01 21:57:30 ----D---- C:\WINDOWS\INF
2020-01-01 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-01-01 17:33:33 ----SHD---- C:\System Volume Information
2020-01-01 13:26:51 ----HD---- C:\Program Files\WindowsApps
2019-12-29 20:20:30 ----D---- C:\WINDOWS\system32\config
2019-12-26 10:30:20 ----D---- C:\WINDOWS\AppReadiness
2019-12-26 10:30:20 ----D---- C:\ProgramData\boost_interprocess
2019-12-26 10:07:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-26 10:04:36 ----RD---- C:\Program Files (x86)
2019-12-26 10:04:36 ----HD---- C:\ProgramData
2019-12-26 10:03:25 ----D---- C:\WINDOWS\system32\Tasks
2019-12-26 10:02:38 ----SHD---- C:\WINDOWS\Installer
2019-12-26 10:02:38 ----RSD---- C:\WINDOWS\Fonts
2019-12-26 10:02:38 ----D---- C:\ProgramData\HP
2019-12-26 10:02:37 ----D---- C:\WINDOWS\SysWOW64
2019-12-25 22:42:03 ----D---- C:\ProgramData\Avg
2019-12-25 20:41:51 ----D---- C:\WINDOWS\WinSxS
2019-12-25 10:24:26 ----DC---- C:\Users\T450\AppData\Roaming\AVG
2019-12-25 10:23:09 ----D---- C:\WINDOWS\system32\drivers
2019-12-25 10:22:59 ----HD---- C:\WINDOWS\ELAMBKUP
2019-12-25 10:22:58 ----D---- C:\Program Files\Common Files
2019-12-25 10:21:41 ----RD---- C:\Program Files
2019-12-25 10:19:01 ----D---- C:\WINDOWS\system32\catroot2
2019-12-25 10:18:35 ----D---- C:\WINDOWS\system32\DriverStore
2019-12-24 10:02:02 ----D---- C:\Windows
2019-12-19 08:18:58 ----D---- C:\WINDOWS\Logs
2019-12-15 16:28:51 ----D---- C:\WINDOWS\system32\CatRoot
2019-12-15 10:08:08 ----D---- C:\Program Files (x86)\Google
2019-12-13 17:37:27 ----SD---- C:\ProgramData\Microsoft
2019-12-13 14:04:26 ----DC---- C:\Users\T450\AppData\Roaming\EAC_MW_klient
2019-12-13 13:56:40 ----D---- C:\WINDOWS\SYSWOW64\Lenovo
2019-12-13 13:56:39 ----D---- C:\Program Files\Lenovo
2019-12-13 11:00:20 ----D---- C:\Program Files (x86)\Spyware Terminator
2019-12-12 08:07:01 ----D---- C:\WINDOWS\Tasks
2019-12-12 00:33:42 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2019-12-12 00:33:42 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-12-12 00:33:42 ----D---- C:\WINDOWS\SystemResources
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\uk-UA
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\sk-SK
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\pl-PL
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\migration
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\en-US
2019-12-12 00:33:42 ----D---- C:\WINDOWS\system32\Boot
2019-12-12 00:33:42 ----D---- C:\WINDOWS\ShellExperiences
2019-12-12 00:33:42 ----D---- C:\WINDOWS\bcastdvr
2019-12-11 15:13:39 ----D---- C:\WINDOWS\system32\MRT
2019-12-11 15:10:56 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-12-11 15:10:53 ----D---- C:\WINDOWS\CbsTemp
2019-12-11 09:38:05 ----D---- C:\WINDOWS\system32\Macromed
2019-12-11 09:38:03 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-12-05 10:28:32 ----D---- C:\Program Files (x86)\HP
2019-12-03 10:06:49 ----D---- C:\WINDOWS\system32\drivers\wd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgArDisk;avgArDisk; C:\WINDOWS\system32\drivers\avgArDisk.sys [2019-12-25 37880]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2019-12-25 210328]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2019-12-25 65376]
R0 avgElam;avgElam; C:\WINDOWS\system32\drivers\avgElam.sys [2019-12-25 16520]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2019-12-25 84560]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2019-12-25 317304]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-16 1469944]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-09 88256]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2019-09-12 252944]
R0 PMDRVS;PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [2018-05-23 44232]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2019-12-25 205600]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2019-12-25 275232]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2019-12-25 43512]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2019-12-25 111096]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2019-12-25 848688]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2019-12-25 461216]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 hvsifltr;@%SystemRoot%\System32\drivers\hvsifltr.sys,-5000; C:\WINDOWS\System32\drivers\hvsifltr.sys [2019-03-19 59192]
R2 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2019-12-25 171640]
R2 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2019-12-25 236288]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-11 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-08 117048]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-13 98304]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-03-19 553984]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-13 84488]
R3 hvsocketcontrol;hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [2019-03-19 36368]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\System32\drivers\ibmpmdrv.sys [2018-05-23 87760]
R3 ibtusb;@oem24.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2018-05-16 136728]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2018-05-24 7972248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-09-21 5954520]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 Netwtw04;@oem16.inf,%NIC_Service_DispName_WINT_64%;Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2019-06-03 8731536]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2019-12-15 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\aftap0901.sys [2017-11-16 48624]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-13 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2019-08-30 137528]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-08-30 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2019-08-30 153912]
S3 aswTap;@oem1.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2018-09-05 53904]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-12 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-13 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-13 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-13 1428992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 GemCCID;GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [2014-11-10 130944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-04 64000]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 IntcDAud;@oem11.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-11-30 491048]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 l2bridge;@%SystemRoot%\System32\drivers\l2bridge.sys,-5000; C:\WINDOWS\System32\drivers\l2bridge.sys [2019-03-19 58384]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-13 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2019-03-19 38712]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2019-03-19 61240]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-11 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2019-03-08 96056]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2019-12-25 996928]
R2 AvgWscReporter;AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [2019-12-25 110560]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_97edd2c;Connected Devices Platform User Service_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CmService;@%systemroot%\system32\CmService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2019-05-14 689952]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 hvsics;@%SystemRoot%\system32\HvsiContainerService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 IBMPMSVC;@oem2.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\System32\ibmpmsvc.exe [2018-05-23 855968]
R2 ibtsiva;@oem24.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2018-05-24 373656]
R2 LPlatSvc;@oem2.inf,%Lenovo.svcDesc1%;Lenovo Platform Service; C:\WINDOWS\System32\LPlatSvc.exe [2018-05-23 774040]
R2 OneSyncSvc_97edd2c;Sync Host_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2019-05-14 172832]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2019-12-25 6307248]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_97edd2c;Používateľská služba schránky_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-08-30 43704]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 nvagent;@%systemroot%\system32\NvAgent.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_97edd2c;Kontaktné údaje_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-15 156104]
S2 Lenovo Instant On;Lenovo EasyResume Service; C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe []
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_97edd2c;Agent Activation Runtime_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-12-11 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_97edd2c;GameDVR and Broadcast User Service_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_97edd2c;Služba podpory používateľov rozhrania Bluetooth_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_97edd2c;CaptureService_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_97edd2c;ConsentUX_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2018-05-24 502680]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_97edd2c;CredentialEnrollmentManagerUserSvc_97edd2c; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_97edd2c;DeviceAssociationBroker_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_97edd2c;DevicePicker_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_97edd2c;DevicesFlow_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-12 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gcs;@%systemroot%\system32\vmcomputeagent.exe,-100; C:\WINDOWS\system32\vmcomputeagent.exe [2019-09-12 1390904]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-15 156104]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-03-24 658744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-12-15 6960640]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_97edd2c;MessagingService_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-10-16 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_97edd2c;PrintWorkflow_97edd2c; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2019-08-30 828216]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, I have pop-up ads on the desktop

#2 Post by Rudy »

Hello!
Please post the FRST + Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679. RSIT is unusable on Windows 10.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

element
Visitor
Posts: 18
Joined: 10 Aug 2019 18:20

Re: Please check my log, I have pop-up ads on the desktop

#3 Post by element »

OK, I'm sending the FRST log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by T450 (administrator) on TOMAS (LENOVO 20BUS0X10N) (02-01-2020 18:50:25)
Running from C:\Users\T450\Desktop
Loaded Profiles: T450 (Available Profiles: T450)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Angličtina (USA)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNE799~1.INF\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNE799~1.INF\driver\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNE799~1.INF\driver\tposd.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsimgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirdpclient.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\hvsirpcd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Safer Networking Ltd. -> Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Solid Documents, LLC) [File not signed] C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(troubadix) [File not signed] C:\Program Files\TPFanControl\TPFanControl.exe
Failed to access process -> iCloudDrive.exe
Failed to access process -> iCloudDrive.exe
Failed to access process -> vmmem
Failed to access process -> vmmem

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPFanControl] => C:\Program Files\TPFanControl\TPFanControl.exe [156672 2013-02-02] (troubadix) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2019-04-18] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [f.lux] => C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-12-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2018-10-06]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
Startup: C:\Users\T450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gram MultiTool 2.lnk [2019-10-07]
ShortcutTarget: Gram MultiTool 2.lnk -> C:\Users\T450\AppData\Local\gmt2\GramMultiToolUI.exe (Anis Sakkaf -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18A91EDC-684A-4C69-A2FF-6E8B5E43BC57} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {22265DBF-9DFB-4CF4-90E3-1764DC69A632} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {25C5D5BD-BF3D-4FA9-AD2A-DD1E6E25C7C5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2D758B79-CB14-49BB-9BAE-C99A28574593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {46EA8F16-6A24-4B36-B9A9-56384E047D27} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {63F446C1-CFB1-4F23-8F87-1F9C82A4714D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {6CE5E028-AA52-4146-A3B5-D97D270370F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-11] (Adobe Inc. -> Adobe)
Task: {764F5F57-77BC-454B-A6F5-7DEC6A7660C1} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe [582656 2019-12-22] (ESET, spol. s r.o. -> ESET)
Task: {7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {8391F2FE-C99B-4410-BC71-39350BC53003} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-11] (Adobe Inc. -> Adobe)
Task: {9289B4B7-620A-49C0-9A46-C1E4C48D5EAC} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [855968 2018-05-23] (Lenovo -> Lenovo.)
Task: {ACB553D5-E46E-49DC-8B50-33CA4F026671} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C3AC5672-755E-4549-8A37-4D2B4A624F8C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4265333793-1255850415-3889696489-1001 => C:\Users\T450\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {C99F66A7-9092-44AB-8F2C-628B23A391FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {D049F954-0DC7-4C0B-95E6-1CE1B31C51B7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe
Task: {E5FC72C6-53AE-4680-8D96-108E23CFEC56} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0017f890-ab82-4120-81c3-beb49c53563d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d25847a-b084-4369-b68c-f81d00c7069c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2eb10214-7d35-4f37-addf-88e59d1b6b99}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4265333793-1255850415-3889696489-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

FireFox:
========
FF DefaultProfile: qtkw9hyo.default
FF ProfilePath: C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\rjh06mw5.default-release [2019-12-13]
FF ProfilePath: C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default [2019-12-13]
FF Homepage: Mozilla\Firefox\Profiles\qtkw9hyo.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\qtkw9hyo.default -> about:newtab
FF Extension: (Avast Online Security) - C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default\Extensions\wrc@avast.com.xpi [2019-08-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-4265333793-1255850415-3889696489-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4265333793-1255850415-3889696489-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxps://app.livechatoo.com/tomaskolen/operator/sk/chat","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.letnyhit.sk/admin/script.php"
CHR Notifications: Default -> hxxps://app.livechatoo.com; hxxps://badoo.com; hxxps://calendar.google.com; hxxps://eu1.badoo.com; hxxps://sk.toolboxprodhouse.com; hxxps://tinder.com
CHR Profile: C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default [2020-01-02]
CHR DownloadDir: C:\Users\T450\Desktop
CHR Extension: (Prezentácie) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-11]
CHR Extension: (Dokumenty) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-11]
CHR Extension: (Disk Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-11]
CHR Extension: (YouTube) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-11]
CHR Extension: (Adobe Acrobat) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Full Page Screen Capture) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-27]
CHR Extension: (Tabuľky) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Linkclump) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-11-30]
CHR Extension: (Boomerang for Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-08-11]
CHR Extension: (Kontrola pošty Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-08-11]
CHR Extension: (LinkMiner) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdhdnpiclkaeicicamopfohidjokoom [2019-08-11]
CHR Extension: (Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-11]
CHR Extension: (Chrome Media Router) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-15]
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CmService; C:\WINDOWS\System32\CmService.dll [821776 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1390904 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3388928 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\System32\hvsicontainerservice.dll [1302840 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\SysWOW64\hvsicontainerservice.dll [24376 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-05-19] (Intel Corporation -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373656 2018-05-24] (Intel(R) pGFX -> Intel Corporation)
R2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [774040 2018-05-23] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-15] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd. -> Safer Networking Ltd.)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe [320512 2009-10-23] (Solid Documents, LLC) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [277144 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\TPHKLOAD.exe [422544 2018-07-18] (Lenovo -> Lenovo Group Limited)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3498512 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-05-14] (Intel Corporation -> Intel® Corporation)
S2 Lenovo Instant On; "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R1 hvsifltr; C:\WINDOWS\System32\drivers\hvsifltr.sys [59192 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-16] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel(R) Software -> Intel Corporation)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8731536 2019-06-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44232 2018-05-23] (Lenovo -> Lenovo.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [786688 2016-08-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [54928 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-26] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1410560 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-02 18:50 - 2020-01-02 18:51 - 000034980 _____ C:\Users\T450\Desktop\FRST.txt
2020-01-02 18:50 - 2020-01-02 18:50 - 000000000 ____D C:\FRST
2020-01-02 18:49 - 2020-01-02 18:49 - 002272256 _____ (Farbar) C:\Users\T450\Desktop\FRST64.exe
2020-01-02 18:35 - 2020-01-02 18:35 - 000035863 _____ C:\Users\T450\.recently-used.xbel
2020-01-02 18:31 - 2020-01-02 18:37 - 000000000 ____D C:\Users\T450\Desktop\365 gold black
2020-01-02 16:41 - 2020-01-02 16:42 - 000000000 ____D C:\rsit
2020-01-02 12:12 - 2020-01-02 12:18 - 2081758104 _____ C:\Users\T450\Desktop\3.Piráti z karibiku - Na Konci Světa,CZ Dabing,dobrodružný,komedie,drama,mysteriozní.avi
2019-12-30 13:50 - 2019-12-30 13:50 - 000000000 ____D C:\Users\T450\Desktop\Kupelna
2019-12-26 06:43 - 2019-12-31 10:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-25 10:24 - 2019-12-25 10:24 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2019-12-25 10:23 - 2019-12-31 10:53 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2019-12-25 10:23 - 2019-12-25 10:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2019-12-25 10:22 - 2019-12-25 10:23 - 000848688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-12-25 10:22 - 2019-12-25 10:23 - 000461216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-12-25 10:22 - 2019-12-25 10:23 - 000171640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000355760 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-12-25 10:22 - 2019-12-25 10:22 - 000317304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000275232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000236288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000210328 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000205600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000111096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000084560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000065376 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000043512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000037880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000016520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-12-25 10:21 - 2019-12-25 10:21 - 000000000 ____D C:\Program Files\AVG
2019-12-22 16:49 - 2019-12-31 10:53 - 000002770 _____ C:\WINDOWS\system32\Tasks\ESET Windows 10 upgrade – Refresh settings
2019-12-22 16:49 - 2019-12-22 16:49 - 000000000 ____D C:\Program Files\Common Files\AV
2019-12-15 18:13 - 2019-12-15 18:13 - 000000000 ____D C:\Users\T450\Desktop\reklamácia anglicania
2019-12-15 10:08 - 2019-12-17 19:14 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-15 10:08 - 2019-12-17 19:14 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-15 10:08 - 2019-12-17 19:14 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-15 10:07 - 2019-12-31 10:53 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 10:07 - 2019-12-31 10:53 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-15 10:07 - 2019-12-15 10:07 - 001397976 ____C (Google LLC) C:\Users\T450\Downloads\ChromeSetup.exe
2019-12-13 18:25 - 2019-12-13 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2019-12-13 18:25 - 2019-12-13 18:25 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2019-12-13 17:37 - 2019-12-13 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2019-12-13 17:25 - 2019-12-25 10:18 - 000000000 ____D C:\Program Files\ESET
2019-12-13 13:55 - 2019-12-13 13:56 - 000000000 ____D C:\AdwCleaner
2019-12-13 11:00 - 2019-12-13 17:37 - 000002335 _____ C:\WINDOWS\wininit.ini
2019-12-13 09:55 - 2019-12-14 10:46 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-12-13 09:55 - 2019-12-13 18:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-12-11 15:09 - 2019-12-11 15:09 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 15:09 - 2019-12-11 15:09 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 15:08 - 2019-12-11 15:09 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006519608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 15:08 - 2019-12-11 15:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 15:08 - 2019-12-11 15:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000292048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-07 18:08 - 2019-12-07 18:08 - 000000000 ____D C:\Users\T450\Desktop\744 a 535 white lux pridat
2019-12-05 20:39 - 2019-12-05 20:39 - 000000000 ____D C:\Users\T450\AppData\Roaming\HP
2019-12-05 10:28 - 2019-12-12 11:14 - 000000000 ____D C:\Users\T450\AppData\Roaming\HpUpdate
2019-12-05 10:27 - 2019-12-26 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-12-05 10:27 - 2019-12-05 10:30 - 000182537 _____ C:\WINDOWS\hphins28.dat
2019-12-05 10:27 - 2012-09-26 18:54 - 000000874 ____N C:\WINDOWS\hphmdl28.dat
2019-12-04 10:08 - 2019-12-04 10:11 - 1516984776 _____ C:\Users\T450\Desktop\Al Pacino - 1995 Nelitostny souboj.avi
2019-12-03 12:00 - 2019-12-13 13:56 - 000000000 ____D C:\WINDOWS\system32\Lenovo

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-02 18:35 - 2019-08-30 03:02 - 000000000 ____D C:\Users\T450
2020-01-02 18:35 - 2018-03-10 11:18 - 000000000 ___DC C:\Users\T450\.gimp-2.6
2020-01-02 18:34 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-02 18:25 - 2019-09-02 13:52 - 000000000 ____D C:\Users\T450\Desktop\faktury na uhradu
2020-01-02 18:06 - 2019-08-30 02:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-02 16:42 - 2019-08-10 18:26 - 000000000 ____D C:\Program Files\trend micro
2020-01-02 16:32 - 2018-07-28 11:19 - 000000000 ___DC C:\Users\T450\AppData\Roaming\vlc
2020-01-02 14:13 - 2018-03-10 20:09 - 000000000 ___DC C:\Users\T450\AppData\Roaming\gtk-2.0
2020-01-02 10:27 - 2019-10-07 16:15 - 000000000 ____D C:\Users\T450\Documents\gmt2
2020-01-02 10:15 - 2019-08-10 23:11 - 000000000 ____D C:\Users\T450\AppData\Local\CrashDumps
2020-01-02 10:14 - 2019-08-10 22:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-02 10:14 - 2018-12-30 12:35 - 000000000 __RDC C:\Users\T450\iCloudDrive
2020-01-02 10:14 - 2018-09-23 13:10 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-01-02 10:14 - 2018-03-07 12:14 - 000000000 _SHDC C:\Users\T450\IntelGraphicsProfiles
2020-01-01 23:55 - 2018-03-10 10:39 - 000000000 ___DC C:\Users\T450\AppData\Local\ClassicShell
2020-01-01 21:57 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-01 13:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-01 13:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-31 15:35 - 2018-03-10 16:28 - 000000956 _____ C:\Users\T450\Desktop\bankove ucty.txt
2019-12-31 10:53 - 2019-10-03 18:30 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-12-31 10:53 - 2019-08-30 03:10 - 000003764 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-31 10:53 - 2019-08-30 03:10 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-31 10:53 - 2019-08-30 03:10 - 000003446 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-31 10:53 - 2019-08-30 03:10 - 000002766 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2019-12-31 10:53 - 2019-08-30 03:10 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2019-12-31 10:53 - 2019-08-30 03:10 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2019-12-29 21:01 - 2018-03-07 21:58 - 000000000 ____D C:\Users\T450\Desktop\Tomas
2019-12-26 10:30 - 2018-10-05 14:11 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-26 10:30 - 2018-03-10 11:57 - 000000000 ____D C:\Users\T450\AppData\Local\Packages
2019-12-26 10:07 - 2019-08-30 03:12 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-26 10:03 - 2019-08-30 03:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-26 10:03 - 2019-08-30 02:58 - 005151608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-26 10:03 - 2019-08-30 02:58 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2019-12-26 10:02 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-26 10:02 - 2018-06-14 13:38 - 000000000 ____D C:\ProgramData\HP
2019-12-25 22:42 - 2018-03-27 14:00 - 000000000 ____D C:\ProgramData\Avg
2019-12-25 10:24 - 2018-10-10 15:31 - 000000000 ___DC C:\Users\T450\AppData\Roaming\AVG
2019-12-25 10:24 - 2018-05-19 14:03 - 000000000 ___DC C:\Users\T450\AppData\Local\AVG
2019-12-25 10:22 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-19 12:55 - 2018-03-10 16:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-15 23:08 - 2019-06-14 09:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-15 23:08 - 2018-07-13 00:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-15 10:08 - 2018-03-10 09:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-13 14:04 - 2018-10-06 08:52 - 000000000 ___DC C:\Users\T450\AppData\Roaming\EAC_MW_klient
2019-12-13 13:56 - 2019-08-30 03:10 - 000000000 ____D C:\Program Files\Lenovo
2019-12-13 13:56 - 2018-12-06 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2019-12-13 11:00 - 2019-06-28 17:08 - 000000000 ____D C:\Program Files (x86)\Spyware Terminator
2019-12-12 08:08 - 2018-03-10 12:02 - 000000000 __RDC C:\Users\T450\3D Objects
2019-12-12 08:08 - 2018-03-07 12:05 - 000000000 _RHDC C:\Users\Public\AccountPictures
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 15:13 - 2018-03-07 12:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 15:10 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 15:10 - 2018-03-07 12:46 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-11 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-05 10:28 - 2018-06-14 13:38 - 000000000 ____D C:\Program Files (x86)\HP
2019-12-03 10:06 - 2018-03-10 09:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2018-09-23 13:42 - 2018-09-23 14:02 - 000001480 ____C () C:\Users\T450\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-08-11 14:28 - 2019-08-11 14:28 - 000000000 ____C () C:\Users\T450\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

element

Re: Please check the log, I have pop-up ads on the deskto

#4 Post by element »

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by T450 (02-01-2020 18:52:01)
Running from C:\Users\T450\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-30 02:10:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4265333793-1255850415-3889696489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4265333793-1255850415-3889696489-503 - Limited - Disabled)
Guest (S-1-5-21-4265333793-1255850415-3889696489-501 - Limited - Disabled)
T450 (S-1-5-21-4265333793-1255850415-3889696489-1001 - Administrator - Enabled) => C:\Users\T450
WDAGUtilityAccount (S-1-5-21-4265333793-1255850415-3889696489-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
adobe (HKLM\...\{C292D9FF-FE73-4A50-8FEB-3BE480A6DB27}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Balík softvéru eID (HKLM-x32\...\{45209058-df6b-4427-863f-d0ff890b829b}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bigasoft Total Video Converter 6.0.4.6443 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C6760}_is1) (Version: - Bigasoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
D5400 (HKLM-x32\...\{C3999E51-4999-4B2D-8556-F3AB5F82C682}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo II: Lord of Destruction CZ (HKLM-x32\...\Diablo II: Lord of Destruction CZ 1.13) (Version: 1.13 - Blizzard Entertainment)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{92879DFD-B281-447B-AC54-ED065B0BBB17}) (Version: 3.3.0 - Ministerstvo vnútra Slovenskej republiky)
f.lux (HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Flux) (Version: - f.lux Software LLC)
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gram Multitool 2 (HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\gmt2) (Version: 1.0.8 - Fagenorn)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D5400 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{8624D225-A14F-40CC-9392-57CBFFFA7056}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{b23c55fa-5271-4d64-ba8f-6718be55b9a7}) (Version: 10.1.1.33 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{31a05164-f722-485c-90e3-db78421fa156}) (Version: 20.70.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{50cf70be-570a-46b0-8a05-ea84ad3b4a36}) (Version: 21.20.0 - Intel Corporation)
iTunes (HKLM\...\{6ECEEC92-3E86-407D-8DFD-03CE193D28AD}) (Version: 12.9.4.102 - Apple Inc.)
K-Lite Mega Codec Pack 14.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.0 - KLCP)
LibreOffice 5.4.5.1 (HKLM\...\{7E33997B-06D8-4637-8794-5A0049237308}) (Version: 5.4.5.1 - The Document Foundation)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 66.0.3 (x64 sk)) (Version: 66.0.3 - Mozilla)
Mozilla Firefox 70.0 (x64 sk) (HKLM\...\Mozilla Firefox 70.0 (x64 sk)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
PS_SF_03_D5400_Software_Min (HKLM-x32\...\{88F3DB42-CB1F-4474-ADC0-D298A55E0C1B}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 9.4 - Screaming Frog Ltd)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Skype verzia 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 6.0.669.0 - SolidDocuments)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TPFanControl v0.63 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4265333793-1255850415-3889696489-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-03-19] (Microsoft Windows -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-03-19] (Microsoft Windows -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\T450\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-03-10 12:58 - 2010-03-15 10:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-06-15 14:00 - 2009-10-23 19:15 - 000024576 _____ () [File not signed] C:\WINDOWS\System32\solidlocalmon.dll
2018-03-10 17:16 - 2012-03-26 17:32 - 000312320 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_SKY.DLL
2018-03-10 17:15 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-03-07 12:54 - 2005-03-30 12:11 - 000053248 _____ (EnTech Taiwan) [File not signed] C:\WINDOWS\system\TVicPort.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 06:46 - 2012-05-27 06:46 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2017-08-13 08:49 - 2017-08-13 08:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7946 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-12-26 06:30 - 000453800 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

There are 15605 more lines.


2018-09-23 13:10 - 2020-01-02 10:14 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.93.169 ee9efd05-7d56-4997-b2f7-2c99d6814408.mshome.net # 2020 1 4 9 9 14 33 443
172.20.215.17 Tom��om�ed-5.mshome.net # 2019 2 0 24 9 28 23 153
172.20.215.17 Tom�7980-7.mshome.net # 2018 12 5 21 0 57 1 732
172.20.215.17 Tom��7d6-5.mshome.net # 2018 12 6 8 9 57 32 467
172.20.215.17 Tom�d6-5.mshome.net # 2018 12 6 8 9 57 32 467
172.20.215.17 Tom��m�shome.net # 2018 9 0 30 12 10 39 568
172.20.215.17 Tom�

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
vEthernet (HvsiIcs): Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
vEthernet (HvsiIcs): Bridge Driver -> ms_l2bridge (enabled)
Wi-Fi: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Wi-Fi: Bridge Driver -> ms_l2bridge (enabled)
Ethernet: Bridge Driver -> ms_l2bridge (enabled)
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "ShowBatteryBar"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "AdobeBridge"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E163B44A-DDA7-48CE-B7F1-4C795DDDA522}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2948C516-D628-47F6-A74F-F172A93518BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{159F83E9-45AD-49A0-B231-9D2EBE3F9072}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3C2F663C-8BE5-46D2-8146-CAED681481E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC3CD718-BA73-4A39-BDD3-3E16045FC078}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AB0171D-E6FB-471F-91A9-E4E4D24097BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77BB23E1-18A0-4E33-A840-FBCAAD8AF19B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - 6b0ffb6b-283e-4eef-aaf3-e69655b18efe - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6b0ffb6b-283e-4eef-aaf3-e69655b18efe - 0] => (Allow) LPort=53
FirewallRules: [UDP Query User{571592BE-A771-42BB-99C5-B62D4B72983B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{467D9DE1-7709-4A8C-B79C-489B14858154}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1E42A009-3FCD-4857-A23D-0FC5C7E49E26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED5B4C74-7B73-4F7D-B085-B8024FC5E163}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E4ACE103-79A8-4826-BA67-86A0B170024E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{947F7D4E-D179-4997-85E3-D424C4A37B6C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6CF6168-66F7-42D1-B7BA-FDF5998A8771}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{F0D3B5CB-1291-4A69-9FE3-7470069A012E}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [UDP Query User{91B59855-E898-4309-A8AD-038A2EE71014}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [TCP Query User{6FBFB020-5670-4896-839B-DB5CB2493C41}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{47E79E7D-9218-40FD-9305-75CEE3EE876E}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [{8DF55245-6BE2-4646-8A03-DB48925B1F7F}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwidadr.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{92BF282C-9E05-4956-870C-F0BE38D4F43B}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwiddsu\cnwiddsu.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{FD5B4FD7-79B4-4738-B33D-62278CD2AA19}C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{ACB2D334-43DE-45DA-9B51-2BB862BD02EF}C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADC75B8E-9E3C-46DF-9901-4B1972CAB04E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [HNS Container Networking - DNS (UDP-In) - 4C924C18-4656-400D-9E2C-DC4689CE34E4 - 0] => (Allow) LPort=53

==================== Restore Points =========================

23-12-2019 09:51:20 Scheduled Checkpoint
01-01-2020 17:33:23 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/02/2020 02:38:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9196,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/02/2020 10:44:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/02/2020 10:26:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14512,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/02/2020 10:15:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudPhotos.exe, verzia: 159.0.0.25, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x316c
Čas spustenia chybujúcej aplikácie: 0x01d5c14d111402ab
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 295074e9-09f3-49e9-a92b-c994d706014a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/02/2020 10:15:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudDrive.exe, verzia: 1.7.28.85, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x54c
Čas spustenia chybujúcej aplikácie: 0x01d5c14d102781cb
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: ee9d1cf5-dc1c-488d-946b-ddb5d97e6bd1
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/01/2020 05:33:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.

System Error:
The resource loader failed to find MUI file.
.

Error: (01/01/2020 05:33:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary vhdparser.

System Error:
Element not found.
.

Error: (01/01/2020 05:08:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.

System Error:
The resource loader failed to find MUI file.
.


System errors:
=============
Error: (12/27/2019 08:23:11 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (12/26/2019 10:03:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Lenovo Instant On zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (12/26/2019 10:03:05 AM) (Source: Microsoft-Windows-Hyper-V-VmSwitch) (EventID: 15) (User: NT AUTHORITY)
Description: Failed to restore configuration for port 323D6E03-401F-4F8D-B21A-BDAB7E9D6152 (Friendly Name: ) on switch C08CB7B8-9B3C-408E-8E30-5E16A3AEB444 (Friendly Name: ), status = 3221225524.

Error: (12/26/2019 06:30:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Lenovo Instant On zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (12/26/2019 06:30:05 AM) (Source: Microsoft-Windows-Hyper-V-VmSwitch) (EventID: 15) (User: NT AUTHORITY)
Description: Failed to restore configuration for port EF702B1A-581E-4E3D-8B39-FE778E5BA143 (Friendly Name: ) on switch C08CB7B8-9B3C-408E-8E30-5E16A3AEB444 (Friendly Name: ), status = 3221225524.

Error: (12/25/2019 08:41:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Lenovo Instant On zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (12/25/2019 08:41:44 PM) (Source: Microsoft-Windows-Hyper-V-VmSwitch) (EventID: 15) (User: NT AUTHORITY)
Description: Failed to restore configuration for port E97A4B88-FD53-45A0-B468-40D48CEE40F9 (Friendly Name: ) on switch C08CB7B8-9B3C-408E-8E30-5E16A3AEB444 (Friendly Name: ), status = 3221225524.

Error: (12/25/2019 10:19:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Lenovo Instant On zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.


Windows Defender:
===================================
Date: 2019-12-10 12:52:07.171
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F9A9CF7D-592A-4B4E-8E0C-68B7ED41E2E8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:46:41.939
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4B4C00EF-AA40-43F6-A448-CFB7DBE4A5D7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:24:26.450
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FAD37247-345C-426A-82F5-C064706BE13E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:18:54.154
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {46283ABC-E724-4887-BC52-300B8908F3F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:13:45.420
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3B5E7CE2-7B54-4D75-88DB-59A8EBB91517}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-13 08:30:39.723
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.309.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-12-09 08:34:38.397
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.94.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out

CodeIntegrity:
===================================

Date: 2020-01-02 18:51:40.557
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:51:40.549
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:51:00.895
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:51:00.882
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:49:57.388
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:49:57.384
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:49:42.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-02 18:49:42.865
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO JBET67WW (1.31 ) 12/14/2017
Motherboard: LENOVO 20BUS0X10N
Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 7888.21 MB
Available physical RAM: 2066.65 MB
Total Virtual: 10888.21 MB
Available Virtual: 3021.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.62 GB) (Free:32.94 GB) NTFS

\\?\Volume{7df8241c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.6 GB) NTFS
\\?\Volume{7df8241c-0000-0000-0000-e0063a000000}\ () (Fixed) (Total:0.78 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 7DF8241C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=795 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check the log, I have pop-up ads on the deskt

#5 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

element
Visitor
Posts: 18
Joined: 10 Aug 2019 18:20

Re: Please check the log, I have pop-up ads on the desktop

#6 Post by element »

Here you go. It deleted something, but nothing relevant. By the way, the thing below is the virus.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-02.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-02-2020
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Spirální stabilizace pátere - Na Úbocí 10, Praha 8, Czech Republic, 00420-284 810 231, spirstab@spirstab.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1753 octets] - [13/12/2019 13:55:39]
AdwCleaner[C00].txt - [1971 octets] - [13/12/2019 13:56:41]
AdwCleaner[S01].txt - [1770 octets] - [02/01/2020 22:37:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Attachments
virus.png (79.35 KiB) Viewed 1900 times

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check the log, I have pop-up ads on the desktop

#7 Post by Rudy »

Post new FRST + Addition logs.

element
Visitor
Posts: 18
Joined: 10 Aug 2019 18:20

Re: Please check the log, I have pop-up ads on the desktop

#8 Post by element »

FIRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by T450 (administrator) on TOMAS (LENOVO 20BUS0X10N) (03-01-2020 11:39:33)
Running from C:\Users\T450\Desktop
Loaded Profiles: T450 (Available Profiles: T450)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Angličtina (USA)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(troubadix) [File not signed] C:\Program Files\TPFanControl\TPFanControl.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
Failed to access process -> vmmem

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPFanControl] => C:\Program Files\TPFanControl\TPFanControl.exe [156672 2013-02-02] (troubadix) [File not signed]
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2019-04-18] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [f.lux] => C:\Users\T450\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-12-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2018-10-06]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
Startup: C:\Users\T450\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gram MultiTool 2.lnk [2019-10-07]
ShortcutTarget: Gram MultiTool 2.lnk -> C:\Users\T450\AppData\Local\gmt2\GramMultiToolUI.exe (Anis Sakkaf -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18A91EDC-684A-4C69-A2FF-6E8B5E43BC57} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {22265DBF-9DFB-4CF4-90E3-1764DC69A632} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {25C5D5BD-BF3D-4FA9-AD2A-DD1E6E25C7C5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2D758B79-CB14-49BB-9BAE-C99A28574593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {46EA8F16-6A24-4B36-B9A9-56384E047D27} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {63F446C1-CFB1-4F23-8F87-1F9C82A4714D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {6CE5E028-AA52-4146-A3B5-D97D270370F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-11] (Adobe Inc. -> Adobe)
Task: {764F5F57-77BC-454B-A6F5-7DEC6A7660C1} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe [582656 2019-12-22] (ESET, spol. s r.o. -> ESET)
Task: {7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {8391F2FE-C99B-4410-BC71-39350BC53003} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-11] (Adobe Inc. -> Adobe)
Task: {8EE934A5-562F-4001-AE6C-702ACB224141} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [855968 2018-05-23] (Lenovo -> Lenovo.)
Task: {971C06CE-1BF5-49D2-87E6-8B43D8C07D69} - System32\Tasks\AdwCleaner_onReboot => C:\Users\T450\Desktop\adwcleaner_8.0.1.exe
Task: {ACB553D5-E46E-49DC-8B50-33CA4F026671} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {C3AC5672-755E-4549-8A37-4D2B4A624F8C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4265333793-1255850415-3889696489-1001 => C:\Users\T450\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {C99F66A7-9092-44AB-8F2C-628B23A391FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {D049F954-0DC7-4C0B-95E6-1CE1B31C51B7} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe
Task: {E5FC72C6-53AE-4680-8D96-108E23CFEC56} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0017f890-ab82-4120-81c3-beb49c53563d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d25847a-b084-4369-b68c-f81d00c7069c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2eb10214-7d35-4f37-addf-88e59d1b6b99}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4265333793-1255850415-3889696489-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

FireFox:
========
FF DefaultProfile: qtkw9hyo.default
FF ProfilePath: C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\rjh06mw5.default-release [2019-12-13]
FF ProfilePath: C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default [2019-12-13]
FF Homepage: Mozilla\Firefox\Profiles\qtkw9hyo.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\qtkw9hyo.default -> about:newtab
FF Extension: (Avast Online Security) - C:\Users\T450\AppData\Roaming\Mozilla\Firefox\Profiles\qtkw9hyo.default\Extensions\wrc@avast.com.xpi [2019-08-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-4265333793-1255850415-3889696489-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4265333793-1255850415-3889696489-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.sk/
CHR StartupUrls: Default -> "hxxps://app.livechatoo.com/tomaskolen/operator/sk/chat","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.letnyhit.sk/admin/script.php"
CHR Notifications: Default -> hxxps://app.livechatoo.com; hxxps://badoo.com; hxxps://calendar.google.com; hxxps://eu1.badoo.com; hxxps://sk.toolboxprodhouse.com; hxxps://tinder.com
CHR Profile: C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default [2020-01-03]
CHR DownloadDir: C:\Users\T450\Desktop
CHR Extension: (Prezentácie) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-11]
CHR Extension: (Dokumenty) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-11]
CHR Extension: (Disk Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-11]
CHR Extension: (YouTube) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-11]
CHR Extension: (Adobe Acrobat) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Full Page Screen Capture) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2019-11-27]
CHR Extension: (Tabuľky) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Linkclump) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2019-11-30]
CHR Extension: (Boomerang for Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-08-11]
CHR Extension: (Kontrola pošty Google) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2019-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-08-11]
CHR Extension: (LinkMiner) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdhdnpiclkaeicicamopfohidjokoom [2019-08-11]
CHR Extension: (Gmail) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-11]
CHR Extension: (Chrome Media Router) - C:\Users\T450\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-15]
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CmService; C:\WINDOWS\System32\CmService.dll [821776 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1390904 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3388928 2019-09-12] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\System32\hvsicontainerservice.dll [1302840 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
R2 hvsics; C:\WINDOWS\SysWOW64\hvsicontainerservice.dll [24376 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-05-19] (Intel Corporation -> Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373656 2018-05-24] (Intel(R) pGFX -> Intel Corporation)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [774040 2018-05-23] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-15] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd. -> Safer Networking Ltd.)
S2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe [320512 2009-10-23] (Solid Documents, LLC) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [277144 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
S2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_a6dc7343c725f003\driver\TPHKLOAD.exe [422544 2018-07-18] (Lenovo -> Lenovo Group Limited)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3498512 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-05-14] (Intel Corporation -> Intel® Corporation)
S2 Lenovo Instant On; "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R1 hvsifltr; C:\WINDOWS\System32\drivers\hvsifltr.sys [59192 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-16] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel(R) Software -> Intel Corporation)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8731536 2019-06-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44232 2018-05-23] (Lenovo -> Lenovo.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [786688 2016-08-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [54928 2018-11-19] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [757824 2016-12-26] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1410560 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 11:39 - 2020-01-03 11:40 - 000030153 _____ C:\Users\T450\Desktop\FRST.txt
2020-01-03 11:38 - 2020-01-03 11:38 - 002272256 _____ (Farbar) C:\Users\T450\Desktop\FRST64.exe
2020-01-03 09:59 - 2020-01-03 10:04 - 1875546238 _____ C:\Users\T450\Desktop\PIRATI Z KARIBIKU 4 V NEZNAMYCH VODACH CZ DABING (2011).mkv.mkv
2020-01-02 22:47 - 2020-01-02 22:47 - 000037777 _____ C:\Users\T450\.recently-used.xbel
2020-01-02 22:44 - 2020-01-02 22:44 - 000003168 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-01-02 18:50 - 2020-01-03 11:39 - 000000000 ____D C:\FRST
2020-01-02 16:41 - 2020-01-02 16:42 - 000000000 ____D C:\rsit
2019-12-30 13:50 - 2019-12-30 13:50 - 000000000 ____D C:\Users\T450\Desktop\Kupelna
2019-12-26 06:43 - 2019-12-31 10:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-25 10:24 - 2019-12-25 10:24 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2019-12-25 10:23 - 2019-12-31 10:53 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2019-12-25 10:23 - 2019-12-25 10:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2019-12-25 10:22 - 2019-12-25 10:23 - 000848688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-12-25 10:22 - 2019-12-25 10:23 - 000461216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-12-25 10:22 - 2019-12-25 10:23 - 000171640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000355760 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-12-25 10:22 - 2019-12-25 10:22 - 000317304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000275232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000236288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000210328 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000205600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000111096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000084560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000065376 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000043512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000037880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000016520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2019-12-25 10:22 - 2019-12-25 10:22 - 000000000 ____D C:\Program Files\Common Files\AVG
2019-12-25 10:21 - 2019-12-25 10:21 - 000000000 ____D C:\Program Files\AVG
2019-12-22 16:49 - 2019-12-31 10:53 - 000002770 _____ C:\WINDOWS\system32\Tasks\ESET Windows 10 upgrade – Refresh settings
2019-12-22 16:49 - 2019-12-22 16:49 - 000000000 ____D C:\Program Files\Common Files\AV
2019-12-15 18:13 - 2019-12-15 18:13 - 000000000 ____D C:\Users\T450\Desktop\reklamácia anglicania
2019-12-15 10:08 - 2019-12-17 19:14 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-15 10:08 - 2019-12-17 19:14 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-15 10:08 - 2019-12-17 19:14 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-15 10:07 - 2019-12-31 10:53 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-15 10:07 - 2019-12-31 10:53 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-15 10:07 - 2019-12-15 10:07 - 001397976 ____C (Google LLC) C:\Users\T450\Downloads\ChromeSetup.exe
2019-12-13 18:25 - 2019-12-13 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2019-12-13 18:25 - 2019-12-13 18:25 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2019-12-13 17:37 - 2019-12-13 17:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2019-12-13 17:25 - 2019-12-25 10:18 - 000000000 ____D C:\Program Files\ESET
2019-12-13 13:55 - 2019-12-13 13:56 - 000000000 ____D C:\AdwCleaner
2019-12-13 11:00 - 2019-12-13 17:37 - 000002335 _____ C:\WINDOWS\wininit.ini
2019-12-13 09:55 - 2019-12-14 10:46 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-12-13 09:55 - 2019-12-13 18:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-12-11 15:09 - 2019-12-11 15:09 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 15:09 - 2019-12-11 15:09 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 15:08 - 2019-12-11 15:09 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006519608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 15:08 - 2019-12-11 15:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 15:08 - 2019-12-11 15:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000292048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 15:08 - 2019-12-11 15:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 15:08 - 2019-12-11 15:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 15:08 - 2019-12-11 15:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-07 18:08 - 2019-12-07 18:08 - 000000000 ____D C:\Users\T450\Desktop\744 a 535 white lux pridat
2019-12-05 20:39 - 2019-12-05 20:39 - 000000000 ____D C:\Users\T450\AppData\Roaming\HP
2019-12-05 10:28 - 2019-12-12 11:14 - 000000000 ____D C:\Users\T450\AppData\Roaming\HpUpdate
2019-12-05 10:27 - 2019-12-26 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-12-05 10:27 - 2019-12-05 10:30 - 000182537 _____ C:\WINDOWS\hphins28.dat
2019-12-05 10:27 - 2012-09-26 18:54 - 000000874 ____N C:\WINDOWS\hphmdl28.dat
2019-12-04 10:08 - 2019-12-04 10:11 - 1516984776 _____ C:\Users\T450\Desktop\Al Pacino - 1995 Nelitostny souboj.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-03 11:38 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-03 10:20 - 2018-07-28 11:19 - 000000000 ___DC C:\Users\T450\AppData\Roaming\vlc
2020-01-03 09:55 - 2019-08-30 02:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-03 08:48 - 2019-08-10 23:11 - 000000000 ____D C:\Users\T450\AppData\Local\CrashDumps
2020-01-03 08:48 - 2018-12-30 12:35 - 000000000 __RDC C:\Users\T450\iCloudDrive
2020-01-02 23:32 - 2018-03-10 10:39 - 000000000 ___DC C:\Users\T450\AppData\Local\ClassicShell
2020-01-02 22:47 - 2019-08-30 03:12 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-02 22:47 - 2019-08-30 03:02 - 000000000 ____D C:\Users\T450
2020-01-02 22:47 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-02 22:47 - 2018-03-10 11:18 - 000000000 ___DC C:\Users\T450\.gimp-2.6
2020-01-02 22:42 - 2018-03-07 12:14 - 000000000 _SHDC C:\Users\T450\IntelGraphicsProfiles
2020-01-02 22:41 - 2019-08-30 03:10 - 000003700 _____ C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task
2020-01-02 22:41 - 2019-08-30 03:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-02 22:41 - 2019-08-30 02:58 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2020-01-02 22:41 - 2019-08-10 22:22 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-01-02 22:41 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-02 22:40 - 2018-03-10 20:09 - 000000000 ___DC C:\Users\T450\AppData\Roaming\gtk-2.0
2020-01-02 19:39 - 2019-09-02 13:52 - 000000000 ____D C:\Users\T450\Desktop\faktury na uhradu
2020-01-02 19:05 - 2019-04-27 23:48 - 000000096 ____C C:\Users\T450\Desktop\pridane produkty.txt
2020-01-02 16:42 - 2019-08-10 18:26 - 000000000 ____D C:\Program Files\trend micro
2020-01-02 10:27 - 2019-10-07 16:15 - 000000000 ____D C:\Users\T450\Documents\gmt2
2020-01-02 10:14 - 2018-09-23 13:10 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-01-01 13:26 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-01 13:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-31 15:35 - 2018-03-10 16:28 - 000000956 _____ C:\Users\T450\Desktop\bankove ucty.txt
2019-12-31 10:53 - 2019-10-03 18:30 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-12-31 10:53 - 2019-08-30 03:10 - 000003764 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-31 10:53 - 2019-08-30 03:10 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-31 10:53 - 2019-08-30 03:10 - 000003446 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-31 10:53 - 2019-08-30 03:10 - 000002306 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_Dolby
2019-12-31 10:53 - 2019-08-30 03:10 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2019-12-29 21:01 - 2018-03-07 21:58 - 000000000 ____D C:\Users\T450\Desktop\Tomas
2019-12-26 10:30 - 2018-10-05 14:11 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-26 10:30 - 2018-03-10 11:57 - 000000000 ____D C:\Users\T450\AppData\Local\Packages
2019-12-26 10:03 - 2019-08-30 02:58 - 005151608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-26 10:02 - 2018-06-14 13:38 - 000000000 ____D C:\ProgramData\HP
2019-12-25 22:42 - 2018-03-27 14:00 - 000000000 ____D C:\ProgramData\Avg
2019-12-25 10:24 - 2018-10-10 15:31 - 000000000 ___DC C:\Users\T450\AppData\Roaming\AVG
2019-12-25 10:24 - 2018-05-19 14:03 - 000000000 ___DC C:\Users\T450\AppData\Local\AVG
2019-12-25 10:22 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-19 12:55 - 2018-03-10 16:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-15 23:08 - 2019-06-14 09:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-15 23:08 - 2018-07-13 00:18 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-15 10:08 - 2018-03-10 09:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-13 14:04 - 2018-10-06 08:52 - 000000000 ___DC C:\Users\T450\AppData\Roaming\EAC_MW_klient
2019-12-13 13:56 - 2019-12-03 12:00 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2019-12-13 13:56 - 2019-08-30 03:10 - 000000000 ____D C:\Program Files\Lenovo
2019-12-13 13:56 - 2018-12-06 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2019-12-13 11:00 - 2019-06-28 17:08 - 000000000 ____D C:\Program Files (x86)\Spyware Terminator
2019-12-12 08:08 - 2018-03-10 12:02 - 000000000 __RDC C:\Users\T450\3D Objects
2019-12-12 08:08 - 2018-03-07 12:05 - 000000000 _RHDC C:\Users\Public\AccountPictures
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 00:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 15:13 - 2018-03-07 12:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 15:10 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 15:10 - 2018-03-07 12:46 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-11 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-05 10:28 - 2018-06-14 13:38 - 000000000 ____D C:\Program Files (x86)\HP

==================== Files in the root of some directories ========

2018-09-23 13:42 - 2018-09-23 14:02 - 000001480 ____C () C:\Users\T450\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2019-08-11 14:28 - 2019-08-11 14:28 - 000000000 ____C () C:\Users\T450\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

element
Visitor
Posts: 18
Registered: 10 Aug 2019 18:20

Re: Please check my log, I have pop-up ads on the desktop

#9 Post by element »

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by T450 (03-01-2020 11:40:50)
Running from C:\Users\T450\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-30 02:10:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4265333793-1255850415-3889696489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4265333793-1255850415-3889696489-503 - Limited - Disabled)
Guest (S-1-5-21-4265333793-1255850415-3889696489-501 - Limited - Disabled)
T450 (S-1-5-21-4265333793-1255850415-3889696489-1001 - Administrator - Enabled) => C:\Users\T450
WDAGUtilityAccount (S-1-5-21-4265333793-1255850415-3889696489-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
adobe (HKLM\...\{C292D9FF-FE73-4A50-8FEB-3BE480A6DB27}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Balík softvéru eID (HKLM-x32\...\{45209058-df6b-4427-863f-d0ff890b829b}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{ea81dcd3-f9f3-4959-8bee-0349fc294ae5}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bigasoft Total Video Converter 6.0.4.6443 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C6760}_is1) (Version: - Bigasoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
D5400 (HKLM-x32\...\{C3999E51-4999-4B2D-8556-F3AB5F82C682}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo II: Lord of Destruction CZ (HKLM-x32\...\Diablo II: Lord of Destruction CZ 1.13) (Version: 1.13 - Blizzard Entertainment)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{92879DFD-B281-447B-AC54-ED065B0BBB17}) (Version: 3.3.0 - Ministerstvo vnútra Slovenskej republiky)
f.lux (HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\Flux) (Version: - f.lux Software LLC)
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gram Multitool 2 (HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\gmt2) (Version: 1.0.8 - Fagenorn)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D5400 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{8624D225-A14F-40CC-9392-57CBFFFA7056}) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
IJ Network Device Setup Utility (HKLM-x32\...\IJ Network Device Setup Utility) (Version: 1.8.1 - Canon Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{b23c55fa-5271-4d64-ba8f-6718be55b9a7}) (Version: 10.1.1.33 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{31a05164-f722-485c-90e3-db78421fa156}) (Version: 20.70.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{50cf70be-570a-46b0-8a05-ea84ad3b4a36}) (Version: 21.20.0 - Intel Corporation)
iTunes (HKLM\...\{6ECEEC92-3E86-407D-8DFD-03CE193D28AD}) (Version: 12.9.4.102 - Apple Inc.)
K-Lite Mega Codec Pack 14.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.0 - KLCP)
LibreOffice 5.4.5.1 (HKLM\...\{7E33997B-06D8-4637-8794-5A0049237308}) (Version: 5.4.5.1 - The Document Foundation)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 66.0.3 (x64 sk)) (Version: 66.0.3 - Mozilla)
Mozilla Firefox 70.0 (x64 sk) (HKLM\...\Mozilla Firefox 70.0 (x64 sk)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
PS_SF_03_D5400_Software_Min (HKLM-x32\...\{88F3DB42-CB1F-4474-ADC0-D298A55E0C1B}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 9.4 - Screaming Frog Ltd)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Skype verzia 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 6.0.669.0 - SolidDocuments)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TPFanControl v0.63 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4265333793-1255850415-3889696489-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\T450\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-03-19] (Microsoft Windows -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-03-19] (Microsoft Windows -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-12-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-18] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\T450\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2018-06-15 14:00 - 2009-10-23 19:15 - 000024576 _____ () [File not signed] C:\WINDOWS\System32\solidlocalmon.dll
2018-03-10 17:16 - 2012-03-26 17:32 - 000312320 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_SKY.DLL
2018-03-10 17:15 - 2012-06-14 17:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-03-07 12:54 - 2005-03-30 12:11 - 000053248 _____ (EnTech Taiwan) [File not signed] C:\WINDOWS\system\TVicPort.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 06:46 - 2012-05-27 06:46 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7944 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-12-26 06:30 - 000453800 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

There are 15605 more lines.


2018-09-23 13:10 - 2020-01-02 10:14 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.93.169 ee9efd05-7d56-4997-b2f7-2c99d6814408.mshome.net # 2020 1 4 9 9 14 33 443
172.20.215.17 Tom��om�ed-5.mshome.net # 2019 2 0 24 9 28 23 153
172.20.215.17 Tom�7980-7.mshome.net # 2018 12 5 21 0 57 1 732
172.20.215.17 Tom��7d6-5.mshome.net # 2018 12 6 8 9 57 32 467
172.20.215.17 Tom�d6-5.mshome.net # 2018 12 6 8 9 57 32 467
172.20.215.17 Tom��m�shome.net # 2018 9 0 30 12 10 39 568
172.20.215.17 Tom�

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Wi-Fi: Bridge Driver -> ms_l2bridge (enabled)
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet: Bridge Driver -> ms_l2bridge (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "ShowBatteryBar"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4265333793-1255850415-3889696489-1001\...\StartupApproved\Run: => "AdobeBridge"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E163B44A-DDA7-48CE-B7F1-4C795DDDA522}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2948C516-D628-47F6-A74F-F172A93518BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{159F83E9-45AD-49A0-B231-9D2EBE3F9072}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3C2F663C-8BE5-46D2-8146-CAED681481E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC3CD718-BA73-4A39-BDD3-3E16045FC078}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4AB0171D-E6FB-471F-91A9-E4E4D24097BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77BB23E1-18A0-4E33-A840-FBCAAD8AF19B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - UDP - 6b0ffb6b-283e-4eef-aaf3-e69655b18efe - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 6b0ffb6b-283e-4eef-aaf3-e69655b18efe - 0] => (Allow) LPort=53
FirewallRules: [UDP Query User{571592BE-A771-42BB-99C5-B62D4B72983B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{467D9DE1-7709-4A8C-B79C-489B14858154}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1E42A009-3FCD-4857-A23D-0FC5C7E49E26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED5B4C74-7B73-4F7D-B085-B8024FC5E163}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E4ACE103-79A8-4826-BA67-86A0B170024E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{947F7D4E-D179-4997-85E3-D424C4A37B6C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6CF6168-66F7-42D1-B7BA-FDF5998A8771}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{F0D3B5CB-1291-4A69-9FE3-7470069A012E}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [UDP Query User{91B59855-E898-4309-A8AD-038A2EE71014}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [TCP Query User{6FBFB020-5670-4896-839B-DB5CB2493C41}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{47E79E7D-9218-40FD-9305-75CEE3EE876E}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [{8DF55245-6BE2-4646-8A03-DB48925B1F7F}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwidadr.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{92BF282C-9E05-4956-870C-F0BE38D4F43B}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Device Setup Utility\cnwiddsu\cnwiddsu.exe (Canon Inc. -> CANON INC.)
FirewallRules: [TCP Query User{FD5B4FD7-79B4-4738-B33D-62278CD2AA19}C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{ACB2D334-43DE-45DA-9B51-2BB862BD02EF}C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\t450\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADC75B8E-9E3C-46DF-9901-4B1972CAB04E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-12-2019 09:51:20 Scheduled Checkpoint
01-01-2020 17:33:23 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/03/2020 09:00:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7464,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/03/2020 08:48:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudPhotos.exe, verzia: 159.0.0.25, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x1864
Čas spustenia chybujúcej aplikácie: 0x01d5c20a268dbef6
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 32eb7bde-a9f1-45f5-957c-d0b079622f57
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/03/2020 08:48:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudDrive.exe, verzia: 1.7.28.85, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x1fe0
Čas spustenia chybujúcej aplikácie: 0x01d5c20a25e3a12c
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 14e57c29-538a-4fac-b920-825b192832cd
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/02/2020 11:03:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/02/2020 10:53:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3800,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/02/2020 10:42:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudPhotos.exe, verzia: 159.0.0.25, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x2a0c
Čas spustenia chybujúcej aplikácie: 0x01d5c1b585eb51b5
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: cd8a6ac4-3ffd-4cf7-b05c-eb2315690751
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/02/2020 10:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: iCloudDrive.exe, verzia: 1.7.28.85, časová značka: 0x5b2e1ace
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.18362.387, časová značka: 0xa4208572
Kód výnimky: 0xc0000374
Odstup chyby: 0x000df94d
Identifikácia chybujúceho procesu: 0x2920
Čas spustenia chybujúcej aplikácie: 0x01d5c1b5855e3b98
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: f42766c8-d5d7-4cbd-be49-2c3e7e1a0f6d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/02/2020 10:37:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_CmService, verzia: 10.0.18362.1, časová značka: 0x32d6c210
Názov chybujúceho modulu: cmservice.dll, verzia: 10.0.18362.449, časová značka: 0xf508c810
Kód výnimky: 0xc0000420
Odstup chyby: 0x0000000000011984
Identifikácia chybujúceho procesu: 0x13e0
Čas spustenia chybujúcej aplikácie: 0x01d5bbcb56c98d47
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: c:\windows\system32\cmservice.dll
Identifikácia hlásenia: 902869dc-e1fa-4071-9e66-91ebee0c2d7d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (01/03/2020 08:47:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 11:32:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 11:32:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 11:32:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 11:32:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 11:32:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/02/2020 10:44:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/02/2020 10:44:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2019-12-10 12:52:07.171
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F9A9CF7D-592A-4B4E-8E0C-68B7ED41E2E8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:46:41.939
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4B4C00EF-AA40-43F6-A448-CFB7DBE4A5D7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:24:26.450
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FAD37247-345C-426A-82F5-C064706BE13E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:18:54.154
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {46283ABC-E724-4887-BC52-300B8908F3F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-10 12:13:45.420
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3B5E7CE2-7B54-4D75-88DB-59A8EBB91517}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-13 08:30:39.723
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.309.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out

Date: 2019-12-09 08:34:38.397
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.94.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee2
Error description: The operation timed out

CodeIntegrity:
===================================

Date: 2020-01-03 11:38:57.557
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:57.553
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:57.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:57.388
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:20.244
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:20.234
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:20.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-03 11:38:20.218
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO JBET67WW (1.31 ) 12/14/2017
Motherboard: LENOVO 20BUS0X10N
Processor: Intel(R) Core(TM) i5-5300U CPU @ 2.30GHz
Percentage of memory in use: 39%
Total physical RAM: 7888.21 MB
Available physical RAM: 4739.31 MB
Total Virtual: 10888.21 MB
Available Virtual: 7690.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.62 GB) (Free:30.25 GB) NTFS

\\?\Volume{7df8241c-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.6 GB) NTFS
\\?\Volume{7df8241c-0000-0000-0000-e0063a000000}\ () (Fixed) (Total:0.78 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 7DF8241C)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=795 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15216
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, I have pop-up ads on the desktop

#10 Post by JaRon »

I'll jump in just this once:
so according to you Hascak is a virus :shock: he's more of a potentate :)
check the notification settings >> https://support.microsoft.com/sk-sk/hel ... n-settings
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, I have pop-up ads on the desktop

#11 Post by Rudy »

Check the notifications following my colleague's instructions, then open Notepad and copy the following into it:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{F0D3B5CB-1291-4A69-9FE3-7470069A012E}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [UDP Query User{91B59855-E898-4309-A8AD-038A2EE71014}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [TCP Query User{6FBFB020-5670-4896-839B-DB5CB2493C41}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{47E79E7D-9218-40FD-9305-75CEE3EE876E}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
HKLM-x32\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {C99F66A7-9092-44AB-8F2C-628B23A391FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
Hosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

element
Visitor
Posts: 18
Joined: 10 Aug 2019 18:20

Re: Please check my log, I have pop-up ads on the desktop

#12 Post by element »

Nice, nice, it's not happening any more :idea: :idea: :idea: :idea: :idea:

So was it this? HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1,2,3,4 and so on?? How did I catch it? Because this is already the second stupid virus like this in half a year.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by T450 (03-01-2020 16:47:06) Run:1
Running from C:\Users\T450\Desktop
Loaded Profiles: T450 (Available Profiles: T450)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{F0D3B5CB-1291-4A69-9FE3-7470069A012E}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [UDP Query User{91B59855-E898-4309-A8AD-038A2EE71014}C:\program files (x86)\garena\langames\langames.exe] => (Allow) C:\program files (x86)\garena\langames\langames.exe No File
FirewallRules: [TCP Query User{6FBFB020-5670-4896-839B-DB5CB2493C41}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
FirewallRules: [UDP Query User{47E79E7D-9218-40FD-9305-75CEE3EE876E}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe No File
HKLM-x32\...\Run: [] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
Task: {C99F66A7-9092-44AB-8F2C-628B23A391FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-15] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F0D3B5CB-1291-4A69-9FE3-7470069A012E}C:\program files (x86)\garena\langames\langames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91B59855-E898-4309-A8AD-038A2EE71014}C:\program files (x86)\garena\langames\langames.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6FBFB020-5670-4896-839B-DB5CB2493C41}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{47E79E7D-9218-40FD-9305-75CEE3EE876E}C:\users\t450\desktop\warcraft-3-+-frozen-throne-cz-full-patched-1.26\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EF281AC-2FC0-4D7B-B2D7-7BC1889CF198}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C99F66A7-9092-44AB-8F2C-628B23A391FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C99F66A7-9092-44AB-8F2C-628B23A391FD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 117984311 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 3598216 B
Edge => 1278959 B
Chrome => 871142037 B
Firefox => 31818082 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 86284 B
NetworkService => 400350 B
T450 => 4208133 B

RecycleBin => 2090238560 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:48:02 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, I have pop-up ads on the desktop

#13 Post by Rudy »

Deleted. There was adware and junk in there. Are the problems solved?

element
Visitor
Posts: 18
Joined: 10 Aug 2019 18:20

Re: Please check my log, I have pop-up ads on the desktop

#14 Post by element »

Yes, yes, everything is running nicely.

Thank you for the help, all the best! :happy: :happy: :happy: :happy:

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, I have pop-up ads on the desktop

#15 Post by Rudy »

Thank you for the good wishes, and you're welcome! :)

Locked