
All times are UTC + 1 hour





Post subject: Preventive check
Posted: 16 Sep 2019 14:16
Hello,

please check my log. I hope the non-standard behaviour of Windows is caused by the latest update.

FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Ran by Python.P (administrator) on WKS-7700 (Gigabyte Technology Co., Ltd. Z170-D3H) (16-09-2019 14:59:27)
Running from C:\Users\Python.P\Desktop
Loaded Profiles: Python.P (Available Profiles: Python.P & Visitor)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Discord Inc. -> Discord Inc.) C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
(Eaton Corp -> ) C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe
(Eaton Corp -> ) C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Python.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmms.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.733_none_7e30c51b4cee0b94\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify AB -> Spotify Ltd) [File not signed] C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
Failed to access process -> ctfmon.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Eaton Systray Launcher] => C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2806176 2019-06-25] (Eaton Corp -> )
HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3210528 2019-09-10] (Valve -> Valve Corporation)
HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Run: [Discord] => C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Run: [Spotify] => C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe [24194464 2019-09-04] (Spotify AB -> Spotify Ltd) [File not signed]
HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3115792 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.75\Installer\chrmstp.exe [2019-09-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02EE4742-CA71-4DF7-8C32-8B79012E5E02} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {31D987F9-3CB2-4795-9C62-2517C7A7124D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174624 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {50B04C77-1A21-48BD-A5C2-2FA19C0A95CD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51EE5D31-2FA7-4B95-BF4F-ABE3C3431A9F} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53F2CA7C-CDB9-4D1D-9D7B-BF24B78FA1CC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [157144 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {766296E9-0A68-4D3C-8F71-78B7A683AC1E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2174624 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {79169375-9F21-4D6E-BA81-B3AC0F6E2996} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2345608 2019-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EC2E189-D5FF-42E1-BAC4-88CF0B0C0C8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {A0B39222-EC3E-4C00-BB6C-FEE4F5BBAC56} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {A2DE2F34-1624-4F7D-A999-E72884CA5637} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE26286D-DED0-4479-BDCA-D72EC857915F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3410DDD-D632-4383-94D0-F17BE6B08A54} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D7C76CB6-0641-445A-A6D0-4E4098C618D7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBD43C9B-3C9D-42F1-8ACF-0072E57C9C94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4320F32-5615-4A24-AC03-1C1B2A9D2581} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FACCE405-B7AE-48C6-9EAE-0D442D922C9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{8b1c8a85-b6e1-4726-b8e7-976834220e4c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{93cf81b1-0acf-44b2-ab09-6638707e06b9}: [DhcpNameServer] 192.168.88.1 10.100.160.1 10.100.160.7

Internet Explorer:
==================
HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-08-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: sx7ep370.default
FF ProfilePath: C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default [2019-09-16]
FF Homepage: Mozilla\Firefox\Profiles\sx7ep370.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\sx7ep370.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__190321
FF Extension: (Dark Reader) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\addon@darkreader.org.xpi [2019-08-26]
FF Extension: (TinEye Reverse Image Search) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\tineye@ideeinc.com.xpi [2019-07-10]
FF Extension: (Tree Tabs) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\TreeTabs@jagiello.it.xpi [2019-03-06]
FF Extension: (Hidebar) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\{0f3f16a9-745e-4c3b-8e3a-050038c53cec}.xpi [2019-03-06]
FF Extension: (Cryptonite - Online Identity Protection) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\{721a41c0-5e10-45a9-8347-ede4ec3183e8}.xpi [2019-03-14]
FF Extension: (No Name) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Think pad) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\{dda2bd43-f278-46d6-861b-c82871c368fd}.xpi [2019-05-14]
FF Extension: (Thinkpad White) - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\Extensions\{e5374265-0e5a-43cd-b731-5fd1ac8c3793}.xpi [2019-05-14]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-09-05]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-08] (Google Inc -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-09-06] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-09-06] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default [2019-09-06]
CHR Extension: (Prezentace) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-08]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-09-06]
CHR Extension: (Dokumenty) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-08]
CHR Extension: (Disk Google) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-08]
CHR Extension: (YouTube) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-08]
CHR Extension: (Tabulky) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-07-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-08]
CHR Extension: (Gmail) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\Python.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-03-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568144 2019-08-30] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-11-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Eaton UPSCompanion; C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2806176 2019-06-25] (Eaton Corp -> )
S3 HgClientService; C:\Windows\system32\hgclientservice.dll [149504 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\Windows\System32\HostNetSvc.dll [2880000 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [414352 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 nvagent; C:\Windows\System32\NvAgent.dll [41272 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329904 2019-08-29] (Electronic Arts, Inc. -> Electronic Arts) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12001112 2019-08-07] (TeamViewer GmbH -> TeamViewer GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R3 vmcompute; C:\Windows\system32\vmcompute.exe [3340600 2019-08-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 gdrv; C:\Windows\gdrv.sys [26192 2019-03-06] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 hvsocketcontrol; C:\Windows\system32\drivers\hvsocketcontrol.sys [36384 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [66128 2019-03-06] (Martin Malik - REALiX -> REALiX(tm))
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [75600 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [126288 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [91472 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [236672 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1093240 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1168000 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58704 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [60536 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [60784 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50304 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [46416 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [302368 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116104 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [198768 2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [104576 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [184960 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [218240 2019-08-08] (Kaspersky Lab -> AO Kaspersky Lab)
S3 l2bridge; C:\Windows\System32\drivers\l2bridge.sys [40248 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [51848 2019-06-25] (Eaton Corp -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-09-16] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-09-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-09-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-09-16] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-09-16] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2018-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pcip; C:\Windows\System32\drivers\pcip.sys [57856 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 ramparser; C:\Windows\System32\drivers\ramparser.sys [41984 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [107008 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237584 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-07-12] (Oracle Corporation -> Oracle Corporation)
R1 VfpExt; C:\Windows\System32\drivers\vfpext.sys [1409024 2019-06-24] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\Windows\System32\drivers\VmsProxyHNic.sys [37920 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\Windows\System32\drivers\VmsProxyHNic.sys [37920 2019-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: HgClientService -> C:\Windows\system32\hgclientservice.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-16 14:59 - 2019-09-16 15:00 - 000031147 _____ C:\Users\Python.P\Desktop\FRST.txt
2019-09-16 14:56 - 2019-09-16 14:56 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-09-16 14:56 - 2019-09-16 14:56 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-09-16 14:56 - 2019-09-16 14:56 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-09-16 14:56 - 2019-09-16 14:56 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-09-16 14:52 - 2019-09-16 14:59 - 000000000 ____D C:\FRST
2019-09-16 14:51 - 2019-09-16 14:51 - 001614848 _____ (Farbar) C:\Users\Python.P\Desktop\FRST64.exe
2019-09-16 14:48 - 2019-09-16 14:48 - 000000000 ___HD C:\OneDriveTemp
2019-09-06 20:18 - 2019-09-06 20:18 - 000000000 ____D C:\Users\Python.P\Desktop\Avira-PC-Cleaner
2019-09-06 20:18 - 2019-09-06 19:52 - 000350616 _____ (Avira Operations GmbH & Co. KG) C:\Users\Python.P\Desktop\Cleaner-launcher.exe
2019-09-06 20:16 - 2019-09-16 14:56 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-09-06 20:16 - 2019-09-06 20:16 - 000000080 ___SH C:\bootTel.dat
2019-09-06 19:56 - 2019-09-06 19:59 - 000345044 _____ C:\Windows\ntbtlog.txt
2019-09-05 05:36 - 2019-09-05 05:36 - 000302368 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2019-09-05 05:35 - 2019-09-05 05:35 - 000245272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2019-09-05 05:35 - 2019-09-05 05:35 - 000198768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2019-09-05 05:35 - 2019-09-05 05:35 - 000116104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2019-09-05 05:35 - 2019-09-05 05:35 - 000099152 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2019-09-05 05:35 - 2019-09-05 05:35 - 000003240 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-09-05 05:35 - 2019-09-05 05:35 - 000002243 _____ C:\Users\Public\Desktop\Ochrana financí.lnk
2019-09-05 05:35 - 2019-09-05 05:35 - 000002225 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2019-09-05 05:35 - 2019-09-05 05:35 - 000001261 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-09-05 05:35 - 2019-09-05 05:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-09-05 05:35 - 2019-09-05 05:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2019-09-05 05:35 - 2019-09-05 05:35 - 000000000 ____D C:\Program Files\Common Files\AV
2019-09-05 05:34 - 2019-09-16 14:58 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-09-05 05:34 - 2019-09-05 05:35 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-09-05 05:34 - 2019-09-05 05:34 - 001168000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-09-05 05:34 - 2019-09-05 05:34 - 001093240 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-09-05 05:34 - 2019-09-05 05:34 - 000236672 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-09-05 05:34 - 2019-09-05 05:34 - 000151768 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-09-05 05:34 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2019-09-05 05:33 - 2019-09-05 05:33 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-09-05 05:32 - 2019-09-05 05:32 - 002509880 _____ (Kaspersky Lab) C:\Users\Python.P\Downloads\kis19.0.0.1088cs_14101.exe
2019-09-05 05:28 - 2019-09-06 20:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-09-04 22:08 - 2019-09-04 22:08 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-04 22:08 - 2019-09-04 22:08 - 000000000 ____D C:\Users\Python.P\AppData\Local\mbamtray
2019-09-04 22:08 - 2019-09-04 22:08 - 000000000 ____D C:\Users\Python.P\AppData\Local\mbam
2019-09-04 22:08 - 2019-09-04 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-04 22:08 - 2019-09-04 22:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-04 22:08 - 2019-09-04 22:08 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-04 22:08 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-09-04 22:08 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-09-04 22:07 - 2019-09-04 22:07 - 064333800 _____ (Malwarebytes ) C:\Users\Python.P\Downloads\mb3-setup-43841.43841-3.8.3.2965-1.0.613-1.0.11270.exe
2019-09-04 20:28 - 2019-09-05 00:56 - 000000000 ____D C:\Windows\Minidump
2019-08-31 12:28 - 2019-08-31 12:28 - 239689469 _____ C:\Users\Python.P\Downloads\MAXON.Cinebench_20.0.4.0_x64.Appx
2019-08-31 12:14 - 2019-08-31 12:18 - 1007962152 _____ C:\Users\Python.P\Downloads\Mluv s ní_2002_drama_DVDRip_CZdabink-Lt.avi
2019-08-31 12:13 - 2019-08-31 12:17 - 1431636214 _____ C:\Users\Python.P\Downloads\Vsichni to vedi Everybody Knows 2018 cz.tit.avi
2019-08-31 11:34 - 2019-08-31 11:48 - 000000000 ____D C:\ESD
2019-08-31 11:32 - 2019-08-31 11:32 - 019256968 _____ (Microsoft Corporation) C:\Users\Python.P\Downloads\MediaCreationTool1903.exe
2019-08-31 11:32 - 2019-08-31 11:32 - 000000000 ___HD C:\$Windows.~WS
2019-08-31 11:32 - 2019-08-31 11:32 - 000000000 ____D C:\$WINDOWS.~BT
2019-08-31 11:12 - 2019-08-31 11:14 - 550605336 _____ C:\Users\Python.P\Downloads\Pustina - 8.díl - cz seriál (2016)--MH.avi
2019-08-31 11:12 - 2019-08-31 11:14 - 536201912 _____ C:\Users\Python.P\Downloads\Pustina - 7.díl - cz seriál (2016)--MH.avi
2019-08-31 11:07 - 2019-08-31 11:10 - 602956128 _____ C:\Users\Python.P\Downloads\Pustina - 6.díl - cz seriál (2016)--MH.avi
2019-08-31 11:07 - 2019-08-31 11:10 - 562318620 _____ C:\Users\Python.P\Downloads\Pustina - 4.díl - cz seriál  (2016)--MH.avi
2019-08-31 11:07 - 2019-08-31 11:10 - 506423172 _____ C:\Users\Python.P\Downloads\Pustina - 5.díl - cz seriál (2016)--MH.avi
2019-08-31 11:03 - 2019-08-31 11:06 - 590866246 _____ C:\Users\Python.P\Downloads\Pustina - 1.díl - cz seriál (2016)--MH.avi
2019-08-31 11:03 - 2019-08-31 11:06 - 573613742 _____ C:\Users\Python.P\Downloads\Pustina - 2.díl - cz seriál  (2016)--MH.avi
2019-08-31 11:03 - 2019-08-31 11:06 - 563229998 _____ C:\Users\Python.P\Downloads\Pustina - 3.díl - cz seriál (2016)--MH.avi
2019-08-31 08:08 - 2019-08-31 08:09 - 000000000 ____D C:\Users\Python.P\Downloads\The Lives Of Others [Das Leben Der Anderen].2006.BRRip.XviD-VLiS
2019-08-31 08:03 - 2019-08-31 08:09 - 3183607169 _____ C:\Users\Python.P\Downloads\Das.schweigende.Klassenzimmer.2018.Cz.Sub.German.DTS.1080p.BluRay.x265.mkv
2019-08-31 07:58 - 2019-08-31 07:58 - 000000000 ____D C:\Users\Python.P\.swt
2019-08-31 07:57 - 2019-08-31 08:09 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\Azureus
2019-08-31 07:57 - 2019-08-31 07:57 - 000091808 _____ (Azureus Software, Inc.) C:\Users\Python.P\Downloads\VuzeBittorrentClientInstaller.exe
2019-08-28 05:45 - 2019-08-28 05:46 - 000000000 ____D C:\Users\Python.P\Downloads\Metro 2035
2019-08-26 22:28 - 2019-08-26 22:31 - 386961988 _____ C:\Users\Python.P\Downloads\Testovací projekt.rar
2019-08-26 20:54 - 2019-08-26 21:02 - 2182256169 _____ C:\Users\Python.P\Downloads\programy pro test.rar
2019-08-21 22:14 - 2019-08-21 22:14 - 000000000 ____D C:\Users\Python.P\Desktop\Saved
2019-08-21 20:48 - 2019-09-06 20:20 - 000000000 ____D C:\Users\Python.P\AppData\Local\CrystalDiskMark
2019-08-21 16:08 - 2019-08-21 16:13 - 2908140879 _____ C:\Users\Python.P\Downloads\Fotograf-(2015)-720p-CZ.mkv
2019-08-18 19:29 - 2019-08-18 19:29 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-16 15:01 - 2019-03-31 10:11 - 000000000 ____D C:\Users\Python.P\AppData\Local\CrashDumps
2019-09-16 14:58 - 2019-03-06 19:13 - 000000000 ____D C:\Users\Python.P\AppData\LocalLow\Mozilla
2019-09-16 14:58 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-09-16 14:57 - 2019-03-22 09:03 - 000000000 ____D C:\ProgramData\Origin
2019-09-16 14:57 - 2019-03-06 20:11 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\Discord
2019-09-16 14:57 - 2019-03-06 19:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-09-16 14:57 - 2019-03-06 18:35 - 000000000 ___RD C:\Users\Python.P\OneDrive
2019-09-16 14:56 - 2019-03-06 21:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-16 14:56 - 2019-03-06 21:17 - 000000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2019-09-16 14:56 - 2019-03-06 18:38 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-16 14:56 - 2019-03-06 18:36 - 000000000 __SHD C:\Users\Python.P\IntelGraphicsProfiles
2019-09-16 14:56 - 2019-03-06 18:33 - 000000000 ____D C:\Users\Python.P
2019-09-16 14:56 - 2019-03-06 18:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-16 14:56 - 2019-03-06 18:22 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-09-16 14:56 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-16 14:53 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-16 14:53 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-09-16 14:52 - 2019-03-08 20:11 - 000000000 ____D C:\Program Files\Microsoft Office
2019-09-16 14:51 - 2019-07-08 22:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-16 14:51 - 2019-07-08 22:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-16 14:51 - 2019-03-29 13:27 - 000004204 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72E91DE3-CF3D-4D91-A565-A8799D4A62CB}
2019-09-16 14:51 - 2019-03-06 18:31 - 001606106 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-16 14:51 - 2018-09-15 19:39 - 000682526 _____ C:\Windows\system32\perfh005.dat
2019-09-16 14:51 - 2018-09-15 19:39 - 000137244 _____ C:\Windows\system32\perfc005.dat
2019-09-16 14:51 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-09-16 14:48 - 2019-03-06 18:36 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-09-16 14:48 - 2019-03-06 18:35 - 000003372 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1762167972-3585315150-2067723066-1001
2019-09-16 14:48 - 2019-03-06 18:33 - 000002374 _____ C:\Users\Python.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-06 21:05 - 2019-03-06 22:50 - 000000000 ____D C:\Users\Python.P\AppData\Local\ElevatedDiagnostics
2019-09-06 20:26 - 2019-03-06 18:33 - 000000000 ____D C:\Users\Python.P\AppData\Local\Packages
2019-09-06 19:59 - 2018-09-15 08:09 - 001048576 _____ C:\Windows\system32\config\BBI
2019-09-06 19:53 - 2019-03-06 19:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-05 05:36 - 2019-05-14 19:19 - 000000000 ____D C:\Users\Visitor
2019-09-05 05:35 - 2018-09-15 08:09 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-09-05 05:34 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-09-05 05:30 - 2019-03-06 19:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-04 20:51 - 2019-06-19 11:09 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-09-04 20:51 - 2019-03-08 09:25 - 000000222 _____ C:\Users\Python.P\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2019-09-04 20:20 - 2019-03-06 18:46 - 000000000 ____D C:\Users\Python.P\AppData\Local\Comms
2019-09-04 20:19 - 2019-03-22 09:49 - 000000000 ____D C:\Program Files (x86)\Origin
2019-09-04 20:19 - 2019-03-07 00:08 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\Spotify
2019-09-01 08:21 - 2019-03-07 00:08 - 000000000 ____D C:\Users\Python.P\AppData\Local\Spotify
2019-08-31 11:48 - 2019-03-06 18:22 - 000000000 ____D C:\Windows\Panther
2019-08-31 08:10 - 2019-03-27 17:26 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\vlc
2019-08-31 07:56 - 2019-03-21 16:19 - 000000000 ____D C:\Users\Python.P\AppData\LocalLow\uTorrent
2019-08-31 07:53 - 2019-03-21 16:19 - 000000000 ____D C:\Users\Python.P\AppData\Local\BitTorrentHelper
2019-08-31 05:02 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-28 05:46 - 2019-03-19 12:06 - 000000000 ____D C:\Users\Python.P\AppData\Roaming\Apple Computer
2019-08-25 21:43 - 2019-03-06 21:19 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-08-25 21:43 - 2019-03-06 21:19 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-08-21 22:01 - 2019-03-06 18:58 - 000000000 ____D C:\Users\Python.P\AppData\Local\D3DSCache
2019-08-21 21:57 - 2019-08-10 20:52 - 000212992 _____ C:\Windows\system32\ClickToRun_Pipeline16

==================== Files in the root of some directories ================

2019-06-19 11:44 - 2019-06-19 11:44 - 000007601 _____ () C:\Users\Python.P\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2019-03-06 18:29 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


RSIT:
Code:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Python.P at 2019-09-16 15:04:14
Microsoft Windows 10 Pro
System drive C: has 54 GB (22%) free of 244 GB
Total RAM: 16270 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:04:19, on 16.09.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0592)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
C:\Users\Python.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
C:\Program Files\trend micro\Python.P.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [Eaton Systray Launcher] "C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe" -systray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Python.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Discord] C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [Spotify] C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: Eaton UPS Companion (Eaton UPSCompanion) - Unknown owner - C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.75\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_19.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\Windows\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\Windows\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13096 bytes

======Listing Processes======










winlogon.exe


C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch -p
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s DsmSvc
C:\Windows\System32\svchost.exe -k NetworkService -s TermService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s HvHost
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0783e6f0-35f2-451a-b6bc-b4ea0d45eaa9 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5422213a-5688-4683-afe3-b95379d4ef38 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6205d609-0d7e-45dd-b88b-d21ccfabf176 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1f2113bd-9cd3-47c6-addf-012e31d869c4 -LifetimeId:a544acc6-7bd4-4cad-b222-cd75f721d8e8 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\System32\svchost.exe -k netsvcs -p -s SessionEnv
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache

C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv

C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc -p

"C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS

C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\system32\vmms.exe
dashost.exe {a3f7369f-c5fe-44c3-acc3a05530958722}
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\System32\svchost.exe -k netsvcs

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\system32\vmcompute.exe
C:\Windows\system32\svchost.exe -k NetSvcs -p -s hns
C:\Windows\system32\svchost.exe -k NetSvcs -s nvagent
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000  -c
C:\Windows\System32\svchost.exe -k netsvcs -p -s SharedAccess
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"ctfmon.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks  --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log 
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks  --log C:\Program Files (x86)\TeamViewer\TeamViewer14_Logfile.log 
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\Explorer.EXE
"C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe"
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe" -hidden
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\system32\SettingSyncHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\AUDIODG.EXE 0x638
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Users\Python.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe"
"C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=gpu-process --enable-features=SharedArrayBuffer --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=14575537962603913704 --mojo-platform-channel-handle=1532 /prefetch:2
"C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-color-profile=srgb --enable-features=SharedArrayBuffer --service-pipe-token=16628144190070631093 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --background-color=#fff --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16628144190070631093 --renderer-client-id=4 --mojo-platform-channel-handle=2036 /prefetch:1
"C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe" --autostart --minimized
C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe --reporter-url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a --application-name=Discord "--crashes-directory=C:\Users\Python.P\AppData\Local\Temp\Discord Crashes" --v=1
"C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-color-profile=srgb --enable-features=SharedArrayBuffer --service-pipe-token=10439370594783811416 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\resources\app.asar" --node-integration=false --webview-tag=false --no-sandbox --native-window-open --preload="C:\Users\Python.P\AppData\Roaming\discord\0.0.305\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10439370594783811416 --renderer-client-id=6 --mojo-platform-channel-handle=2660 /prefetch:1
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\Python.P\AppData\Local\Steam\htmlcache" "-steampid=6320" "-buildid=1568150115" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Python.P\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1568150115 --initial-client-data=0x2e8,0x2e0,0x2a8,0x2e4,0x2a4,0x7ffd5700f760,0x7ffd5700f770,0x7ffd5700f780
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1288,14296218020594849464,16442459043742056305,131072 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1568150115 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=11576988446008903752 --mojo-platform-channel-handle=1404 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe" -systray
C:\Windows\System32\svchost.exe -k netsvcs -p -s BDESVC
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1288,14296218020594849464,16442459043742056305,131072 --service-pipe-token=3348212437180067323 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1568150115 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=3348212437180067323 --renderer-client-id=3 --mojo-platform-channel-handle=2184 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1288,14296218020594849464,16442459043742056305,131072 --service-pipe-token=10655089912245409234 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1568150115 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=10655089912245409234 --renderer-client-id=4 --mojo-platform-channel-handle=2484 /prefetch:1
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.0.887560992\1296065246" -parentBuildID 20190827005903 -prefsHandle 1908 -prefMapHandle 1932 -prefsLen 1 -prefMapSize 209313 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 2108 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.1.186441530\1455309383" -childID 1 -isForBrowser -prefsHandle 3060 -prefMapHandle 3064 -prefsLen 125 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 2904 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.13.479214331\1640146541" -childID 2 -isForBrowser -prefsHandle 5056 -prefMapHandle 5060 -prefsLen 365 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 5068 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.21.1826416237\1778153034" -childID 4 -isForBrowser -prefsHandle 5852 -prefMapHandle 5620 -prefsLen 7038 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 5920 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.28.95451738\173750507" -childID 5 -isForBrowser -prefsHandle 5920 -prefMapHandle 5944 -prefsLen 7038 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 5932 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.35.1165244887\1042505677" -childID 6 -isForBrowser -prefsHandle 5612 -prefMapHandle 5060 -prefsLen 7038 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 5460 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.42.1784209877\659094343" -childID 7 -isForBrowser -prefsHandle 6208 -prefMapHandle 6204 -prefsLen 7038 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 6348 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="8752.49.1771823085\1363527100" -childID 8 -isForBrowser -prefsHandle 6512 -prefMapHandle 6508 -prefsLen 7038 -prefMapSize 209313 -parentBuildID 20190827005903 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 8752 "\\.\pipe\gecko-crash-server-pipe.8752" 6204 tab
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe" -r

C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe" -hidden
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 772 776 784 8192 780
notepad "C:\Users\Python.P\Desktop\FRST.txt"
notepad "C:\Users\Python.P\Desktop\Addition.txt"
"C:\Users\Python.P\Desktop\RSITx64.exe"
"C:\Windows\System32\Taskmgr.exe" /2
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default

prefs.js - "browser.startup.homepage" -  "https://www.google.com/"

"light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\extensions\
staged

C:\Users\Python.P\AppData\Roaming\Mozilla\Firefox\Profiles\sx7ep370.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-05 166360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2019-01-18 302904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Python.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-09-16 1592440]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-09-10 3210528]
"Discord"=C:\Users\Python.P\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]
"Spotify"=C:\Users\Python.P\AppData\Roaming\Spotify\Spotify.exe [2019-09-04 24194464]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2019-08-29 3115792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Eaton Systray Launcher"=C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2019-06-25 2806176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2019-09-16 15:04:14 ----D---- C:\rsit
2019-09-16 15:04:14 ----D---- C:\Program Files\trend micro
2019-09-16 14:56:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2019-09-16 14:56:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2019-09-16 14:56:27 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2019-09-16 14:56:27 ----A---- C:\Windows\system32\drivers\farflt.sys
2019-09-16 14:52:09 ----D---- C:\FRST
2019-09-16 14:48:48 ----HD---- C:\OneDriveTemp
2019-09-06 20:16:48 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2019-09-06 20:16:26 ----SH---- C:\bootTel.dat
2019-09-06 19:56:05 ----A---- C:\Windows\ntbtlog.txt
2019-09-05 05:36:28 ----A---- C:\Windows\system32\drivers\klupd_klif_klark.sys
2019-09-05 05:35:21 ----D---- C:\Program Files\Common Files\AV
2019-09-05 05:35:20 ----A---- C:\Windows\system32\drivers\klupd_klif_klbg.sys
2019-09-05 05:35:20 ----A---- C:\Windows\system32\drivers\klupd_klif_arkmon.sys
2019-09-05 05:35:19 ----A---- C:\Windows\system32\drivers\klupd_klif_mark.sys
2019-09-05 05:35:19 ----A---- C:\Windows\system32\drivers\klupd_klif_kimul.sys
2019-09-05 05:34:53 ----A---- C:\Windows\system32\klfphc.dll
2019-09-05 05:34:41 ----D---- C:\ProgramData\Kaspersky Lab
2019-09-05 05:34:41 ----D---- C:\Program Files (x86)\Kaspersky Lab
2019-09-05 05:34:29 ----A---- C:\Windows\system32\klhkum.dll
2019-09-05 05:34:29 ----A---- C:\Windows\system32\drivers\klif.sys
2019-09-05 05:34:29 ----A---- C:\Windows\system32\drivers\klhk.sys
2019-09-05 05:34:29 ----A---- C:\Windows\system32\drivers\klflt.sys
2019-09-05 05:33:11 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2019-09-05 05:28:23 ----D---- C:\Program Files\Mozilla Firefox
2019-09-04 22:08:10 ----A---- C:\Windows\system32\drivers\MbamElam.sys
2019-09-04 22:08:08 ----A---- C:\Windows\system32\drivers\mbae64.sys
2019-09-04 22:08:05 ----D---- C:\ProgramData\Malwarebytes
2019-09-04 22:08:05 ----D---- C:\Program Files\Malwarebytes
2019-09-04 20:28:21 ----D---- C:\Windows\Minidump
2019-08-31 11:34:57 ----D---- C:\ESD
2019-08-31 11:32:59 ----D---- C:\$WINDOWS.~BT
2019-08-31 11:32:57 ----HD---- C:\$Windows.~WS
2019-08-31 07:57:51 ----D---- C:\Users\Python.P\AppData\Roaming\Azureus
2019-08-18 19:29:57 ----D---- C:\Program Files (x86)\Reference Assemblies

======List of files/folders modified in the last 1 month======

2019-09-16 15:04:20 ----D---- C:\Windows\Prefetch
2019-09-16 15:04:14 ----RD---- C:\Program Files
2019-09-16 15:02:27 ----D---- C:\Windows\System32
2019-09-16 15:02:27 ----D---- C:\Windows\INF
2019-09-16 15:02:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-09-16 15:01:56 ----D---- C:\Windows\Temp
2019-09-16 15:00:47 ----D---- C:\Windows\system32\config
2019-09-16 14:58:47 ----D---- C:\Windows\CbsTemp
2019-09-16 14:57:20 ----D---- C:\Program Files (x86)\Steam
2019-09-16 14:57:17 ----D---- C:\ProgramData\Origin
2019-09-16 14:57:09 ----D---- C:\Users\Python.P\AppData\Roaming\Discord
2019-09-16 14:56:29 ----D---- C:\Windows\system32\drivers
2019-09-16 14:56:25 ----D---- C:\ProgramData\NVIDIA
2019-09-16 14:56:24 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-09-16 14:56:23 ----SHD---- C:\System Volume Information
2019-09-16 14:56:23 ----D---- C:\Program Files (x86)\TeamViewer
2019-09-16 14:56:22 ----D---- C:\Windows\system32\SleepStudy
2019-09-16 14:54:36 ----SHD---- C:\Windows\Installer
2019-09-16 14:54:25 ----RD---- C:\Windows\Microsoft.NET
2019-09-16 14:53:57 ----HD---- C:\Program Files\WindowsApps
2019-09-16 14:53:57 ----D---- C:\Windows\AppReadiness
2019-09-16 14:52:44 ----D---- C:\Program Files\Microsoft Office
2019-09-16 14:51:26 ----D---- C:\Windows
2019-09-16 14:51:20 ----D---- C:\Windows\system32\catroot2
2019-09-16 14:51:19 ----D---- C:\Windows\WinSxS
2019-09-16 14:49:25 ----D---- C:\Windows\Logs
2019-09-16 14:48:44 ----D---- C:\Windows\system32\Tasks
2019-09-16 14:48:26 ----D---- C:\Program Files (x86)\VulkanRT
2019-09-16 14:48:21 ----D---- C:\Windows\SysWOW64
2019-09-06 20:59:17 ----D---- C:\Windows\system32\sru
2019-09-06 19:53:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-05 06:00:01 ----D---- C:\Windows\system32\LogFiles
2019-09-05 05:37:22 ----D---- C:\Windows\debug
2019-09-05 05:35:21 ----D---- C:\Program Files\Common Files
2019-09-05 05:35:16 ----D---- C:\Windows\system32\DriverStore
2019-09-05 05:34:41 ----RD---- C:\Program Files (x86)
2019-09-05 05:34:41 ----HD---- C:\Windows\ELAMBKUP
2019-09-05 05:34:41 ----HD---- C:\ProgramData
2019-09-04 21:30:17 ----SHD---- C:\Recovery
2019-09-04 20:32:25 ----SD---- C:\ProgramData\Microsoft
2019-09-04 20:19:35 ----D---- C:\Program Files (x86)\Origin
2019-09-04 20:19:27 ----D---- C:\Users\Python.P\AppData\Roaming\Spotify
2019-08-31 11:48:40 ----D---- C:\Windows\Panther
2019-08-31 08:10:06 ----D---- C:\Users\Python.P\AppData\Roaming\vlc
2019-08-31 05:02:27 ----D---- C:\Program Files\Common Files\microsoft shared
2019-08-28 05:46:57 ----D---- C:\Users\Python.P\AppData\Roaming\Apple Computer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2018-01-27 243400]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2019-03-08 55608]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2019-08-08 75600]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [2019-09-05 245272]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [2019-09-05 116104]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2019-08-13 317240]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-09-15 63288]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2019-01-08 153328]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R1 HWiNFO;HWiNFO Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2019-03-06 66128]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2019-08-08 126288]
R1 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2019-08-08 91472]
R1 KLHK;@oem30.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\Windows\System32\drivers\klhk.sys [2019-09-05 1093240]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2019-09-05 1168000]
R1 klim6;@oem31.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2019-08-08 58704]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2019-08-08 50304]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2019-08-08 104576]
R1 klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2019-08-08 184960]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2019-08-08 218240]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-03-13 452096]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2019-09-16 199768]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2019-03-08 51712]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-09-15 63288]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2018-09-15 524800]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-06-24 80400]
R3 hvsocketcontrol;hvsocketcontrol; C:\Windows\system32\drivers\hvsocketcontrol.sys [2019-03-06 36384]
R3 igfx;igfx; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igdkmd64.sys [2018-11-21 15439520]
R3 IntcDAud;@oem5.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\System32\DriverStore\FileRepository\intcdaud.inf_amd64_ad5691824a5386fe\IntcDAud.sys [2018-11-19 622648]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2019-09-05 236672]
R3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [2019-09-05 197760]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2019-08-08 60536]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2019-08-08 60784]
R3 kltap;@oem32.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\Windows\System32\drivers\kltap.sys [2018-02-12 48080]
R3 klupd_klif_mark;klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [2019-09-05 198768]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2019-09-16 224408]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\DRIVERS\mbam.sys [2019-09-16 73584]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2019-09-16 275232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2019-09-16 116112]
R3 MEIx64;@oem29.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2017-03-30 29208]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 MbamElam;MbamElam; C:\Windows\system32\DRIVERS\MbamElam.sys [2019-06-26 20936]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2019-08-13 134968]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-03-13 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-08-13 104248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2019-03-08 111104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-07-09 91136]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2019-08-13 1232384]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2019-08-13 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-09-15 125952]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2019-03-06 26192]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2015-02-06 59904]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-09-15 124928]
S3 klpnpflt;Kaspersky Lab klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [2019-08-08 46416]
S3 klupd_klif_kimul;klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [2019-09-05 99152]
S3 klupd_klif_klark;klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [2019-09-05 302368]
S3 l2bridge;@%SystemRoot%\System32\drivers\l2bridge.sys,-5000; C:\Windows\System32\drivers\l2bridge.sys [2019-03-06 40248]
S3 libusb0;USB Kernel Driver; C:\Windows\system32\DRIVERS\libusb0.sys [2019-06-25 51848]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\Windows\system32\drivers\lunparser.sys [2019-03-06 32256]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-07-09 290304]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 Netaapl;@oem13.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\System32\drivers\netaapl64.sys [2018-08-16 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 NVHDA;@oem11.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-03-01 228768]
S3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [2019-03-02 20736208]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\Windows\system32\drivers\passthruparser.sys [2019-03-06 38712]
S3 pcip;@wpcip.inf,%pcip.SVCDESC%;PCI Proxy driver; C:\Windows\System32\drivers\pcip.sys [2019-03-06 57856]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-08-13 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\Windows\system32\drivers\pvhdparser.sys [2019-03-06 61448]
S3 ramparser;@%systemroot%\system32\drivers\ramparser.sys,-10010; C:\Windows\system32\drivers\ramparser.sys [2019-03-06 41984]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-10-16 85304]
R2 AVP19.0.0;Služba Kaspersky Anti-Virus 19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [2018-02-28 619640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_ad96f;Uživatelská služba platformy připojených zařízení_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-08-30 11568144]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe [2018-11-21 497312]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 Eaton UPSCompanion;Eaton UPS Companion; C:\Program Files (x86)\Eaton\UPSCompanion\mc2.exe [2019-06-25 2806176]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe [2018-11-21 405664]
R2 KSDE3.0.0;Služba Kaspersky Secure Connection 3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [2018-02-28 617016]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 6744288]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-03-01 767288]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-03-02 791136]
R2 OneSyncSvc_ad96f;Hostitel synchronizace_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_ad96f;Uživatelská služba schránky_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe [2018-11-21 500408]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-01-18 658232]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 nvagent;@%systemroot%\system32\NvAgent.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-07-08 154920]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_ad96f;Uživatelská služba pro GameDVR a vysílání her_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-03-25 8577760]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_ad96f;Služba pro podporu uživatelů Bluetooth_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_ad96f;CaptureService_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_ad96f;ConsentUX_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_ad96f;DevicePicker_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_ad96f;Tok zařízení_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-16 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-11-02 777856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.75\elevation_service.exe [2019-09-08 1106416]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-07-08 154920]
S3 HgClientService;@%SystemRoot%\System32\hgclientservice.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 klvssbridge64_19.0.0;klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [2019-09-05 414352]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_ad96f;Služba zasílání zpráv_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-09-05 242720]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2019-08-29 2329904]
S3 ose64;Office 64 Source Engine; c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 271368]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_ad96f;Data kontaktů_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_ad96f;PrintWorkflow_ad96f; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2019-08-13 831288]

-----------------EOF-----------------


Thank you


Post subject: Re: Preventive check
Posted: 17 Sep 2019 14:52
Offline
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 109666
Location: Plzeň
Hello!
Run this utility:

Quote:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with an ordinary double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Post subject: Re: Preventive check
Posted: 17 Sep 2019 15:08
Offline
Visitor

Joined: 16 Sep 2019 14:13
Posts: 4
Here :)

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-04-2019
# Database: 2019-09-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-17-2019
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1889 octets] - [21/03/2019 22:53:02]
AdwCleaner[C00].txt - [1945 octets] - [21/03/2019 22:53:18]
AdwCleaner_Debug.log - [9206 octets] - [17/09/2019 16:00:42]
AdwCleaner[S01].txt - [1568 octets] - [17/09/2019 16:01:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


Post subject: Re: Preventive check
Posted: 17 Sep 2019 15:56
Offline
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 109666
Location: Plzeň
This is OK. Please also add the Addition log (it is on the desktop in the file addition.txt) and we will finish the cleanup manually. RSIT is useless on Windows 10.



Post subject: Re: Preventive check
Posted: 18 Sep 2019 20:21
Offline
Visitor

Joined: 16 Sep 2019 14:13
Posts: 4
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by Python.P (16-09-2019 15:01:43)
Running from C:\Users\Python.P\Desktop
Windows 10 Pro Version 1809 17763.678 (X64) (2019-03-06 16:27:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1762167972-3585315150-2067723066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1762167972-3585315150-2067723066-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1762167972-3585315150-2067723066-1000 - Limited - Disabled)
Guest (S-1-5-21-1762167972-3585315150-2067723066-501 - Limited - Enabled)
Python.P (S-1-5-21-1762167972-3585315150-2067723066-1001 - Administrator - Enabled) => C:\Users\Python.P
Visitor (S-1-5-21-1762167972-3585315150-2067723066-1003 - Limited - Enabled) => C:\Users\Visitor
WDAGUtilityAccount (S-1-5-21-1762167972-3585315150-2067723066-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.60.32453 - Electronic Arts)
BenchStudioGpu2015 (HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\BenchStudioGpu2015) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Eaton UPS Companion v1.04 (HKLM-x32\...\Eaton UPSCompanion) (Version: v1.04.017 build - Eaton)
Geeks3D FurMark 1.20.4.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
HWiNFO64 Version 6.02 (HKLM\...\HWiNFO64_is1) (Version: 6.02 - Martin Malík - REALiX)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
iTunes (HKLM\...\{8C125166-94A1-4721-84CC-C9739E6EA8A7}) (Version: 12.9.3.3 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MediaHuman Audio Converter verze 1.9.6.8 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.6.8 - MediaHuman)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11929.20300 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 cs) (HKLM\...\Mozilla Firefox 69.0 (x64 cs)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
NVIDIA Ovladač 3D Vision 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden
OpenShot Video Editor verze 2.4.4 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.4 - OpenShot Studios, LLC)
Oracle VM VirtualBox 6.0.10 (HKLM\...\{6A145EBB-FA61-4F90-BDE1-2308B1C26C0F}) (Version: 6.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.46.29856 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\Spotify) (Version: 1.1.14.475.g566c8beb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.5.1691 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\WinDirStat) (Version:  - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.20.8.0_x86__kgqvnymyfvs32 [2019-09-16] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1590.2.0_x86__kgqvnymyfvs32 [2019-09-04] (king.com)
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_20.0.6.0_x64__rsne5bsk8s7tj [2019-06-11] (MAXON Computer GmbH)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-11] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220 [2019-09-06] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-06] (Fitbit)
Hash Checker -> C:\Program Files\WindowsApps\53530MattCooley.HashChecker_1.1606.2.0_x64__12cn7nfkkdrsw [2019-05-01] (Matt Cooley)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-29] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-06] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1762167972-3585315150-2067723066-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-09-05] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1762167972-3585315150-2067723066-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-06-25 13:50 - 2019-06-25 13:50 - 000142336 _____ () [File not signed] C:\Program Files (x86)\Eaton\UPSCompanion\bin\mserial.dll
2019-06-25 13:50 - 2019-06-25 13:50 - 001066496 _____ () [File not signed] C:\Program Files (x86)\Eaton\UPSCompanion\bin\msocket.dll
2019-06-25 13:50 - 2019-06-25 13:50 - 000146944 _____ () [File not signed] C:\Program Files (x86)\Eaton\UPSCompanion\bin\musb.dll
2019-06-25 13:50 - 2019-06-25 13:50 - 000456704 _____ () [File not signed] C:\Program Files (x86)\Eaton\UPSCompanion\bin\mwidget.dll
2019-05-08 16:08 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2019-03-06 18:51 - 2019-03-06 18:51 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220\e_sqlite3.dll
2019-09-06 01:30 - 2019-09-06 01:30 - 032505344 _____ (Dolby) [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2058.0_x64__rz1tebttyb220\DolbyUWP.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Python.P\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Python.P\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


2019-03-06 21:17 - 2019-09-16 14:56 - 000000439 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.63.1 WKS-7700.mshome.net # 2024 9 6 14 12 56 35 827

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1762167972-3585315150-2067723066-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.88.1 - 10.100.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9797648C-E3C5-4A84-A215-6ED3A16F7C39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{64B5057B-AC68-4BA5-9D70-1632A0648DFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{11F2E467-6E56-4049-9B55-C1FD4562B24F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FDDB678E-31CB-4354-9F44-D9EEAB068C79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A45681A8-2126-4387-909A-A282C6967BB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{ED0D6335-5F82-4BA5-8D66-12813F8ECF7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D959035E-5ED4-49B8-8E10-D967E5879281}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{8CA38AD7-AB71-4993-85B8-E9CEB67B8AEB}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{73956349-7C56-401A-9A06-3420F4796A81}D:\hry\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\hry\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{E600CD2B-DF2D-4350-A436-245D567F4DE4}D:\hry\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\hry\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - 244DA535-C8ED-4943-80C3-187F7718C695 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 244DA535-C8ED-4943-80C3-187F7718C695 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 087DDEB8-6D15-4D6F-B3DD-94C756971C9F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 087DDEB8-6D15-4D6F-B3DD-94C756971C9F - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D4764FA7-0E13-4CC9-8F9F-CD1E6A313CE0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D4764FA7-0E13-4CC9-8F9F-CD1E6A313CE0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 73078397-4A45-4C31-A2D8-D3053266991B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 73078397-4A45-4C31-A2D8-D3053266991B - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{8F72B137-9271-423A-8E83-47C256AB2071}C:\users\python.p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\python.p\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) [File not signed]
FirewallRules: [UDP Query User{1062BB01-DD43-45A6-8901-555D6F6F12CE}C:\users\python.p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\python.p\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) [File not signed]
FirewallRules: [{0F72FD64-18A8-4514-9582-485CF40A75B0}] => (Block) C:\users\python.p\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) [File not signed]
FirewallRules: [{635F8884-8537-4063-A428-062C7DF91E6A}] => (Block) C:\users\python.p\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - 304C6626-136C-4051-8CB8-7A6A0C71D2F6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 304C6626-136C-4051-8CB8-7A6A0C71D2F6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A5A5CD9D-16C4-448C-8922-1FE423917A86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A5A5CD9D-16C4-448C-8922-1FE423917A86 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - D4AA628A-D949-4717-9250-C68874A093D2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - D4AA628A-D949-4717-9250-C68874A093D2 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 8A1C82E8-93F0-4071-87B4-2C5F3DC6AFD0 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 8A1C82E8-93F0-4071-87B4-2C5F3DC6AFD0 - 0] => (Allow) LPort=53
FirewallRules: [{B13FB2DD-AB35-4633-8EDB-719C7ABA0F6C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CD503D6-AF35-4C93-AA62-6D343F9101F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E530B5A8-1D37-49BC-B872-BA7E6EB1A587}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{570A37E1-6EE8-443A-BD74-C7C053B5D4B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA18DDD9-B041-42B0-84B6-66A6BE42FC40}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D110E17-FA67-44C1-8EEB-8D544E603330}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [DNS Server Forward Rule - TCP - F7F131D3-4873-45DB-9EEC-467A74B6F0D4 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - F7F131D3-4873-45DB-9EEC-467A74B6F0D4 - 0] => (Allow) LPort=53
FirewallRules: [{16686D22-EFF6-4C2D-9089-C17C16F9D69B}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{296B9A99-9512-44EA-8FC5-E9F35EF1BBB2}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [DNS Server Forward Rule - TCP - 754F9C66-ECB7-4DDD-A064-477CCA8CF6C3 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 754F9C66-ECB7-4DDD-A064-477CCA8CF6C3 - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{B1943C8E-B0EB-48D5-8646-C2A39813C1C5}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [UDP Query User{E262F3E0-6506-4BF9-AF88-D68C485D2169}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{360C0511-7EED-45BE-BEAC-E5AD9108F6A7}] => (Allow) D:\Hry\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{549EE1C0-1141-4491-9E32-F7F1DC99504A}] => (Allow) D:\Hry\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{DE6C4702-F272-449C-9978-F0C7F6B20D9B}] => (Allow) D:\Hry\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{AF6BB5B7-7FF7-4042-A7A9-3DE36D6592EC}] => (Allow) D:\Hry\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [DNS Server Forward Rule - TCP - 02D93AE8-3D4B-4406-A12E-99E4A2D2A888 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 02D93AE8-3D4B-4406-A12E-99E4A2D2A888 - 0] => (Allow) LPort=53
FirewallRules: [{DD1D9D52-6E8F-41D8-8A88-CDBC6C7EBF9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{14E63D39-45EF-47EA-9102-A4BF4E58554F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [DNS Server Forward Rule - TCP - 6DE54F95-1A31-404A-8023-A086E41DF8D6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 6DE54F95-1A31-404A-8023-A086E41DF8D6 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - A184D0CD-955A-4566-BFA9-7ACF73A08193 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - A184D0CD-955A-4566-BFA9-7ACF73A08193 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DC4E4A41-EDB9-48A4-9157-418BE652DF0B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DC4E4A41-EDB9-48A4-9157-418BE652DF0B - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7B518EE5-2B9D-44D6-9C16-EF4848486F51 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7B518EE5-2B9D-44D6-9C16-EF4848486F51 - 0] => (Allow) LPort=53
FirewallRules: [{3D2DAABA-AE74-45F4-842D-0D4C6449693B}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{966A8D47-D636-4D6A-9559-0B8A3AF06EFE}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{96200635-C6AB-4C6B-B319-FA720264CEC4}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [{E009853F-9006-4266-9B2D-3EF75EDCC233}] => (Allow) D:\Hry\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - 99B676A2-8EF2-47C1-81F7-05C103FFB75D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 99B676A2-8EF2-47C1-81F7-05C103FFB75D - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{5E7CA258-35F2-4BA9-ADB5-CEF5EA23ADF4}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{1D4EFF32-4B7D-43D3-B0DF-ED374F251D47}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [DNS Server Forward Rule - TCP - 280A07EE-3B9C-4B63-A776-710046D84DCA - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 280A07EE-3B9C-4B63-A776-710046D84DCA - 0] => (Allow) LPort=53
FirewallRules: [TCP Query User{BC008626-1C82-4523-8623-FECA10C22735}C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe] => (Allow) C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe (Daniel Atallah -> The Pidgin developer community) [File not signed]
FirewallRules: [UDP Query User{0C81F182-C23B-4C7F-B4A0-35E0148EF4B1}C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe] => (Allow) C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe (Daniel Atallah -> The Pidgin developer community) [File not signed]
FirewallRules: [{B2E8E332-DF1B-4D8F-8E2F-128BB3492147}] => (Block) C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe (Daniel Atallah -> The Pidgin developer community) [File not signed]
FirewallRules: [{DC0749DC-D1C2-4696-9871-51A18342D0EE}] => (Block) C:\users\python.p\onedrive\_recenze\alza\pidginportable\app\pidgin\pidgin-portable.exe (Daniel Atallah -> The Pidgin developer community) [File not signed]
FirewallRules: [DNS Server Forward Rule - TCP - AEDF75E5-3B04-4A35-8CF2-05DA5E637C72 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - AEDF75E5-3B04-4A35-8CF2-05DA5E637C72 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - DF0E611C-95A9-41F8-B6AC-2A5C37127021 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - DF0E611C-95A9-41F8-B6AC-2A5C37127021 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5CE30522-32A6-4360-8F7D-0E5F887946AC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5CE30522-32A6-4360-8F7D-0E5F887946AC - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 30546FDD-3AC2-40DC-BC90-333405403D33 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 30546FDD-3AC2-40DC-BC90-333405403D33 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 73D59843-6392-4E22-BDFA-3740ACA0B680 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 73D59843-6392-4E22-BDFA-3740ACA0B680 - 0] => (Allow) LPort=53
FirewallRules: [{24B1F767-EBFF-49BE-92D8-CA8AB97EF786}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E797FBA0-98F3-4F8E-9709-E2017C1A9F1A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{370AD9BA-2141-4332-8DB4-4FCF92B7F5D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B4DEADC5-B9FD-48C6-9ECB-CF2CB8C325C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7E178761-EBAE-44CE-94C4-8F232F5CD317}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A64C6931-0450-4F06-A5CA-9E25FB61527A}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
FirewallRules: [{3C82989E-21A9-4D1B-971F-5450FADAE6CE}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
FirewallRules: [DNS Server Forward Rule - TCP - 97754635-FDA6-40B8-BBE5-7F216900B386 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 97754635-FDA6-40B8-BBE5-7F216900B386 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 9F67B992-D4DE-42BF-B5CA-A684E26A0531 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 9F67B992-D4DE-42BF-B5CA-A684E26A0531 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - FC2C1ED9-5F13-4AFC-8A74-E84789781383 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - FC2C1ED9-5F13-4AFC-8A74-E84789781383 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 7163C44D-00BD-4F82-B43A-393631C5158E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7163C44D-00BD-4F82-B43A-393631C5158E - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - BD679D63-7C69-4C97-9FBD-AF609C3D22A1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - BD679D63-7C69-4C97-9FBD-AF609C3D22A1 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 5C702108-36DF-489E-B47E-B11A0349309D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 5C702108-36DF-489E-B47E-B11A0349309D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 914DC47E-397D-4694-AAD6-32B0C304F1D7 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 914DC47E-397D-4694-AAD6-32B0C304F1D7 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3F2D6654-B7C1-4D94-8F07-60C619D54F1D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3F2D6654-B7C1-4D94-8F07-60C619D54F1D - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 659754F7-A1E1-4965-ACBE-0D5F4FC9A025 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 659754F7-A1E1-4965-ACBE-0D5F4FC9A025 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - TCP - 3952A232-7AE5-4424-858B-7FC49F12643C - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3952A232-7AE5-4424-858B-7FC49F12643C - 0] => (Allow) LPort=53
FirewallRules: [{8E17EEA9-5355-4069-B542-25DD5F24FC8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [DNS Server Forward Rule - TCP - 7A7E85F0-E2B8-4E31-90D8-246DDF7CF823 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 7A7E85F0-E2B8-4E31-90D8-246DDF7CF823 - 0] => (Allow) LPort=53

==================== Restore Points =========================

05-09-2019 01:27:11 Naplánovaný kontrolní bod
16-09-2019 14:50:41 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2019 03:02:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x2734
Čas spuštění chybující aplikace: 0x01d56c8effe82a5b
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: 95edbb5f-3198-4c74-82fc-6a8caa503aff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x2454
Čas spuštění chybující aplikace: 0x01d56c8efceb17a6
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: cf639d46-7645-465b-997f-adb1c37ffdbb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x3520
Čas spuštění chybující aplikace: 0x01d56c8ef9ed44c1
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: 6fd12872-bfc5-48db-a7ae-5fc07d15b466
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x3654
Čas spuštění chybující aplikace: 0x01d56c8ef6efda1d
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: 7cfae12c-982a-4809-a467-011e12725d34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x19dc
Čas spuštění chybující aplikace: 0x01d56c8ef3f27207
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: cdb0b40e-d0de-4272-8a66-f051c323aa2d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x2a84
Čas spuštění chybující aplikace: 0x01d56c8ef0f4f548
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: 64401d23-5353-4d89-a4c7-1cbeddf14969
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0x333c
Čas spuštění chybující aplikace: 0x01d56c8eedf74965
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: e15deb71-b9e2-4646-9b59-7d5f9a02f39d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/16/2019 03:01:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ctfmon.exe, verze: 10.0.17763.1, časové razítko: 0x4923c22a
Název chybujícího modulu: InputLocaleManager.dll, verze: 10.0.17763.652, časové razítko: 0x935e49a7
Kód výjimky: 0x00000675
Posun chyby: 0x0000000000007ddf
ID chybujícího procesu: 0xf1c
Čas spuštění chybující aplikace: 0x01d56c8eeaf9ba58
Cesta k chybující aplikaci: C:\Windows\system32\ctfmon.exe
Cesta k chybujícímu modulu: C:\Windows\system32\InputLocaleManager.dll
ID zprávy: cdf8983e-92c7-4761-8235-7cd91b3d5a37
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/16/2019 02:58:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): 2019-09 Kumulativní aktualizace pro Windows 10 Version 1809 pro systémy typu x64 (KB4512578).

Error: (09/16/2019 02:58:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073712): 2019-09, kumulativní aktualizace pro .NET Framework 3.5, 4.7.2 a 4.8 pro Windows 10 Version 1809 pro x64 (KB4514601).

Error: (09/16/2019 02:58:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2019-09 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1809 pro systémy typu x64 (KB4516115).

Error: (09/16/2019 02:58:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
 a APPID
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/16/2019 02:58:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
 a APPID
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/16/2019 02:57:12 PM) (Source: DCOM) (EventID: 10016) (User: WKS-7700)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli WKS-7700\Python.P (SID: S-1-5-21-1762167972-3585315150-2067723066-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/16/2019 02:57:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/16/2019 02:57:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2019-08-18 22:24:32.668
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EDCAAE1B-0977-4281-A7F7-673492646C9E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-04 20:19:05.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Zálohování
Kód chyby: 0x80070241
Popis chyby: V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.
Verze podpisu: 1.301.203.0;1.301.203.0
Verze modulu: 1.1.16300.1

Date: 2019-09-04 20:19:05.682
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x8050a004
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu: 1.301.209.0;1.301.209.0
Verze modulu: 1.1.16300.1

CodeIntegrity:
===================================

Date: 2019-09-16 15:01:43.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 15:01:43.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 15:01:42.403
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 15:01:42.401
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 15:01:24.919
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 15:01:24.916
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-16 14:59:13.509
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-09-16 14:59:13.508
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F22d 01/11/2018
Motherboard: Gigabyte Technology Co., Ltd. Z170-D3H-CF
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16270.44 MB
Available physical RAM: 10416.13 MB
Total Virtual: 18702.44 MB
Available Virtual: 12874.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:52.86 GB) NTFS
Drive d: (MX500) (Fixed) (Total:465.74 GB) (Free:121.84 GB) NTFS

\\?\Volume{ca54f71a-7dde-4a57-bc7c-4092f86cc1df}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{24eda34a-b9ad-47b7-ae01-4abf0b63bb40}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 04AB5956)

Partition: GPT.

==================== End of Addition.txt ============================



But if it's mostly clean, I'll go look for which update caused this... search doesn't work for me, and occasionally sound doesn't either.


Post subject: Re: Preventive check
Posted: 18 Sep 2019 21:11
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 109666
Location: Plzeň
We can remove the unnecessary items. Open Notepad and copy the following into it:

Quote:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Python.P\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Python.P\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [{A45681A8-2126-4387-909A-A282C6967BB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{ED0D6335-5F82-4BA5-8D66-12813F8ECF7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{16686D22-EFF6-4C2D-9089-C17C16F9D69B}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{296B9A99-9512-44EA-8FC5-E9F35EF1BBB2}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{A64C6931-0450-4F06-A5CA-9E25FB61527A}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
FirewallRules: [{3C82989E-21A9-4D1B-971F-5450FADAE6CE}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
C:\Program Files\Bonjour\mDNSResponder.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {7EC2E189-D5FF-42E1-BAC4-88CF0B0C0C8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {FACCE405-B7AE-48C6-9EAE-0D442D922C9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-09-06] <==== ATTENTION

EmptyTemp:
End


Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.


Post subject: Re: Preventive check
Posted: 14 Oct 2019 11:31
Visitor

Joined: 16 Sep 2019 14:13
Posts: 4
So I finally got around to it.

Code:
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Python.P (14-10-2019 10:30:51) Run:1
Running from C:\Users\Python.P\Desktop
Loaded Profiles: Python.P (Available Profiles: Python.P & Visitor)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Python.P\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Python.P\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [{A45681A8-2126-4387-909A-A282C6967BB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{ED0D6335-5F82-4BA5-8D66-12813F8ECF7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{16686D22-EFF6-4C2D-9089-C17C16F9D69B}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{296B9A99-9512-44EA-8FC5-E9F35EF1BBB2}] => (Allow) C:\Users\Python.P\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{A64C6931-0450-4F06-A5CA-9E25FB61527A}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
FirewallRules: [{3C82989E-21A9-4D1B-971F-5450FADAE6CE}] => (Allow) C:\Program Files\Vuze\Azureus.exe No File
C:\Program Files\Bonjour\mDNSResponder.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {7EC2E189-D5FF-42E1-BAC4-88CF0B0C0C8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {FACCE405-B7AE-48C6-9EAE-0D442D922C9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-09-06] <==== ATTENTION

EmptyTemp:
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"C:\Users\Python.P\Data aplikac�" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Python.P\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A45681A8-2126-4387-909A-A282C6967BB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED0D6335-5F82-4BA5-8D66-12813F8ECF7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16686D22-EFF6-4C2D-9089-C17C16F9D69B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{296B9A99-9512-44EA-8FC5-E9F35EF1BBB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A64C6931-0450-4F06-A5CA-9E25FB61527A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C82989E-21A9-4D1B-971F-5450FADAE6CE}" => removed successfully
C:\Program Files\Bonjour\mDNSResponder.exe => moved successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EC2E189-D5FF-42E1-BAC4-88CF0B0C0C8F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EC2E189-D5FF-42E1-BAC4-88CF0B0C0C8F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FACCE405-B7AE-48C6-9EAE-0D442D922C9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FACCE405-B7AE-48C6-9EAE-0D442D922C9C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 203486330 B
Java, Flash, Steam htmlcache => 34927845 B
Windows/system/drivers => 3183256 B
Edge => 57282 B
Chrome => 373796878 B
Firefox => 1102970414 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16214 B
NetworkService => 450190 B
Python.P => 153891556 B
Visitor => 190432615 B

RecycleBin => 4721090408 B
EmptyTemp: => 6.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:31:59 ====


Post subject: Re: Preventive check
Posted: 14 Oct 2019 12:36
Site Admin

Joined: 30 Oct 2003 13:42
Posts: 109666
Location: Plzeň
Deleted; the log should now be OK.
