Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zavireny Ntb
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zavireny Ntb
Zdravim,
chcel by som vas poprosit, ci by ste sa mi vedeli pozriet na log. Problem je, ze par dni dozadu mama na nieco poklikala a dole v pravo jej zacali vyskakovat take ... windows okna s kolesom stastia a podobne somariny. Sice to sa mi podarilo fixnut asi, ale od vtedy nejde nastartovat KS.
Dakujem
Logfile of random's system information tool 1.10 (written by random/random)
Run by juraj at 2019-01-28 13:14:30
Microsoft Windows 10 Home
System drive C: has 705 GB (74%) free of 953 GB
Total RAM: 8115 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:14:35, on 28.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files\trend micro\juraj.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [OneDrive] "C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Amazon Inc. - c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Internet Manager. OUC (Internet Manager. RunOuc) - Unknown owner - C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 12488 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x414
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\AdminService.exe
"c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {4e8a62de-1ca2-4e9b-93d193e3eba881cb}
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/T-Mobile/InternetManager_H/UpdateDog/"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Quick Access\QALSvc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe"
"C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\juraj\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\juraj\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ff8611764d0,0x7ff8611764e0,0x7ff8611764f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10144 --on-initialized-event-handle=672 --parent-handle=676 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14688844412647142887 --mojo-platform-channel-handle=1660 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=16130455431836428328 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16130455431836428328 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=7897663152629124718 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7897663152629124718 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
"C:\Windows\System32\Taskmgr.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\igfxext.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=16249230927026925045 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16249230927026925045 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p
C:\OEM\Preload\FubTracking\FubTracking.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe" -hidden
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=7463822719137137691 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7463822719137137691 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=2357621730849071470 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2357621730849071470 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe"
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=15770134306941170663 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15770134306941170663 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=11532377081446790191 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11532377081446790191 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=1705457788774485006 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1705457788774485006 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=15254554855310130765 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15254554855310130765 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
"C:\Users\juraj\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForjuraj.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjuraj (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default
"light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
"light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16 1429352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16 1150312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16 1429352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16 1150312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-30 1393880]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-01-20 1500976]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2017-09-28 91488]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-01-09 17:05:47 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-01-09 17:05:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-01-09 17:05:39 ----A---- C:\WINDOWS\system32\wininet.dll
2019-01-09 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-01-09 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-01-09 17:05:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 17:05:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-01-09 17:05:35 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-01-09 17:05:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-01-09 17:05:33 ----A---- C:\WINDOWS\system32\combase.dll
2019-01-09 17:05:32 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-01-09 17:05:32 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 17:05:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-01-09 17:05:29 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-01-09 17:05:28 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-01-09 17:05:28 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-01-09 17:05:27 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-01-09 17:05:27 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-01-09 17:05:26 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 17:05:25 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-01-09 17:05:25 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-01-09 17:05:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-01-09 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-01-09 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\wlidprov.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\wlidcli.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-01-09 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\windowslivelogin.dll
2019-01-09 17:05:16 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
======List of files/folders modified in the last 1 month======
2019-01-28 13:14:35 ----D---- C:\ProgramData\Kaspersky Lab
2019-01-28 13:14:34 ----D---- C:\WINDOWS\Prefetch
2019-01-28 13:14:33 ----D---- C:\WINDOWS\Temp
2019-01-28 13:14:33 ----D---- C:\Program Files\trend micro
2019-01-28 13:09:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 13:08:55 ----D---- C:\WINDOWS\System32
2019-01-28 13:08:55 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-28 13:08:19 ----D---- C:\WINDOWS\Logs
2019-01-28 13:08:18 ----D---- C:\ProgramData\NVIDIA
2019-01-28 13:07:35 ----D---- C:\WINDOWS\system32\sru
2019-01-28 06:48:06 ----D---- C:\Windows
2019-01-28 02:23:16 ----SHDC---- C:\WINDOWS\Installer
2019-01-28 00:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2019-01-27 21:59:08 ----D---- C:\WINDOWS\system32\SleepStudy
2019-01-27 20:41:36 ----RD---- C:\WINDOWS\Microsoft.NET
2019-01-27 20:27:22 ----D---- C:\WINDOWS\INF
2019-01-27 20:27:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-27 20:23:21 ----D---- C:\WINDOWS\AppReadiness
2019-01-27 20:20:32 ----HD---- C:\Program Files\WindowsApps
2019-01-25 20:11:11 ----SHD---- C:\System Volume Information
2019-01-25 17:50:23 ----D---- C:\WINDOWS\system32\drivers\wd
2019-01-24 19:28:26 ----D---- C:\WINDOWS\Tasks
2019-01-24 19:28:26 ----D---- C:\WINDOWS\system32\Tasks
2019-01-24 00:40:42 ----D---- C:\WINDOWS\CbsTemp
2019-01-23 19:33:13 ----D---- C:\ProgramData\Microsoft Help
2019-01-23 19:32:16 ----D---- C:\WINDOWS\system32\catroot2
2019-01-19 12:13:57 ----D---- C:\WINDOWS\Minidump
2019-01-19 12:12:27 ----D---- C:\WINDOWS\system32\config
2019-01-18 23:56:30 ----AD---- C:\Program Files\Microsoft Silverlight
2019-01-18 23:56:30 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 22:14:07 ----D---- C:\Program Files\rempl
2019-01-17 11:04:48 ----D---- C:\WINDOWS\WinSxS
2019-01-10 21:12:44 ----RD---- C:\WINDOWS\assembly
2019-01-09 23:06:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-09 23:06:36 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-01-09 23:05:14 ----D---- C:\WINDOWS\TextInput
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SysWOW64
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\zu-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\yo-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\xh-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\wo-SN
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\tn-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ti-ET
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\rw-RW
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\nso-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ig-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\drivers
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\bcastdvr
2019-01-09 23:05:12 ----D---- C:\WINDOWS\system32\DriverStore
2019-01-09 17:23:03 ----D---- C:\WINDOWS\system32\MRT
2019-01-09 17:20:09 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-01-04 22:33:53 ----D---- C:\WINDOWS\system32\NDF
2019-01-02 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2016-12-26 247008]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-10-01 554408]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2017-12-24 70880]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [2018-05-16 236488]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [2018-05-16 109248]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2017-12-24 117984]
R1 klhk;@oem62.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2017-12-24 594144]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2017-12-24 1055424]
R1 KLIM6;@oem43.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2016-10-12 57424]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2017-12-24 50672]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2016-12-20 93920]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2017-12-24 135904]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2017-12-24 199392]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-05-31 78216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-25 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-12-19 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2018-04-12 446464]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2017-12-24 207576]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2016-12-23 57056]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2016-12-07 58592]
R3 kltap;@oem63.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys [2016-06-07 52152]
R3 LMDriver;@oem91.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem53.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-30 184096]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [2017-05-18 14456920]
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2018-04-12 2344448]
R3 RadioShim;@oem91.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 RTSUER;@oem27.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-19 411712]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-10-14 29816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-08 92688]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem116.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-01-01 76088]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 226176]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 125952]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-09-30 380672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem104.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [2018-05-09 180984]
S3 klupd_klif_kimul;klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [2018-04-11 87584]
S3 klupd_klif_klark;klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [2018-03-04 252600]
S3 klupd_klif_mark;klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [2018-03-12 174664]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\4C322406.sys [2016-07-06 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Amazon 1Button App Service;Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [2015-09-17 456000]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-25 355760]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_453f7;Connected Devices Platform User Service_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-22 332216]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-12-19 373720]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-07 223008]
R2 KSDE2.0.0;Služba Kaspersky Secure Connection 2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [2017-01-24 354672]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-07 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 OneSyncSvc_453f7;Sync Host_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-01-11 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2015-05-14 2573568]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_453f7;Kontaktné údaje_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2015-07-09 398176]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 AVP17.0.0;Služba Kaspersky Anti-Virus 17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [2016-06-28 241544]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S2 Internet Manager. RunOuc;Internet Manager. OUC; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [2014-04-26 682064]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_453f7;GameDVR and Broadcast User Service_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_453f7;Služba podpory používateľov rozhrania Bluetooth_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-12-19 301528]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_453f7;DevicePicker_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_453f7;DevicesFlow_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 klvssbridge64_18.0.0;klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [2018-05-16 426416]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [2016-06-28 77328]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_453f7;MessagingService_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-01-03 227792]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_453f7;PrintWorkflow_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
-----------------EOF-----------------
chcel by som vas poprosit, ci by ste sa mi vedeli pozriet na log. Problem je, ze par dni dozadu mama na nieco poklikala a dole v pravo jej zacali vyskakovat take ... windows okna s kolesom stastia a podobne somariny. Sice to sa mi podarilo fixnut asi, ale od vtedy nejde nastartovat KS.
Dakujem
Logfile of random's system information tool 1.10 (written by random/random)
Run by juraj at 2019-01-28 13:14:30
Microsoft Windows 10 Home
System drive C: has 705 GB (74%) free of 953 GB
Total RAM: 8115 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:14:35, on 28.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files\trend micro\juraj.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {0E2877D3-2641-4970-B794-A553E295428D} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [OneDrive] "C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Amazon Inc. - c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Internet Manager. OUC (Internet Manager. RunOuc) - Unknown owner - C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 12488 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x414
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\AdminService.exe
"c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {4e8a62de-1ca2-4e9b-93d193e3eba881cb}
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/T-Mobile/InternetManager_H/UpdateDog/"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dolby Digital Plus\ddp.exe" -autostart
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Quick Access\QALSvc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Acer\Acer Quick Access\QAAgent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe"
"C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\juraj\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\juraj\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=71.0.3578.98 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ff8611764d0,0x7ff8611764e0,0x7ff8611764f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=10144 --on-initialized-event-handle=672 --parent-handle=676 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14688844412647142887 --mojo-platform-channel-handle=1660 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=16130455431836428328 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16130455431836428328 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=7897663152629124718 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7897663152629124718 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
"C:\Windows\System32\Taskmgr.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\igfxext.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=16249230927026925045 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16249230927026925045 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p
C:\OEM\Preload\FubTracking\FubTracking.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\rempl\sedsvc.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe" -hidden
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=7463822719137137691 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7463822719137137691 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=2357621730849071470 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2357621730849071470 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe"
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=15770134306941170663 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15770134306941170663 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=11532377081446790191 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11532377081446790191 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=1705457788774485006 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1705457788774485006 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
wmiadap.exe /F /T /R
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,16486166071117395939,12168676385109153056,131072 --service-pipe-token=15254554855310130765 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15254554855310130765 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
"C:\Users\juraj\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForjuraj.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjuraj (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default
"light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
"light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16 1429352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16 1150312]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16 1429352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]
{4853DF44-7D6B-48E9-9258-D800EEE54AF6} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16 1150312]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-07 14040792]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-30 1393880]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-13 3942864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-01-20 1500976]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2017-09-28 91488]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-01-09 17:05:47 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05:46 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-01-09 17:05:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-01-09 17:05:39 ----A---- C:\WINDOWS\system32\wininet.dll
2019-01-09 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-01-09 17:05:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-01-09 17:05:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 17:05:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-01-09 17:05:35 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-01-09 17:05:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-01-09 17:05:33 ----A---- C:\WINDOWS\system32\combase.dll
2019-01-09 17:05:32 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-01-09 17:05:32 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 17:05:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-01-09 17:05:29 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-01-09 17:05:28 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-01-09 17:05:28 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-01-09 17:05:27 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-01-09 17:05:27 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-01-09 17:05:26 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 17:05:25 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-01-09 17:05:25 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-01-09 17:05:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-01-09 17:05:24 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-01-09 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-01-09 17:05:23 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 17:05:22 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\wlidprov.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-01-09 17:05:21 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 17:05:20 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-01-09 17:05:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-01-09 17:05:18 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\wlidcli.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 17:05:17 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-01-09 17:05:16 ----A---- C:\WINDOWS\SYSWOW64\windowslivelogin.dll
2019-01-09 17:05:16 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
======List of files/folders modified in the last 1 month======
2019-01-28 13:14:35 ----D---- C:\ProgramData\Kaspersky Lab
2019-01-28 13:14:34 ----D---- C:\WINDOWS\Prefetch
2019-01-28 13:14:33 ----D---- C:\WINDOWS\Temp
2019-01-28 13:14:33 ----D---- C:\Program Files\trend micro
2019-01-28 13:09:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 13:08:55 ----D---- C:\WINDOWS\System32
2019-01-28 13:08:55 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-28 13:08:19 ----D---- C:\WINDOWS\Logs
2019-01-28 13:08:18 ----D---- C:\ProgramData\NVIDIA
2019-01-28 13:07:35 ----D---- C:\WINDOWS\system32\sru
2019-01-28 06:48:06 ----D---- C:\Windows
2019-01-28 02:23:16 ----SHDC---- C:\WINDOWS\Installer
2019-01-28 00:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2019-01-27 21:59:08 ----D---- C:\WINDOWS\system32\SleepStudy
2019-01-27 20:41:36 ----RD---- C:\WINDOWS\Microsoft.NET
2019-01-27 20:27:22 ----D---- C:\WINDOWS\INF
2019-01-27 20:27:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-27 20:23:21 ----D---- C:\WINDOWS\AppReadiness
2019-01-27 20:20:32 ----HD---- C:\Program Files\WindowsApps
2019-01-25 20:11:11 ----SHD---- C:\System Volume Information
2019-01-25 17:50:23 ----D---- C:\WINDOWS\system32\drivers\wd
2019-01-24 19:28:26 ----D---- C:\WINDOWS\Tasks
2019-01-24 19:28:26 ----D---- C:\WINDOWS\system32\Tasks
2019-01-24 00:40:42 ----D---- C:\WINDOWS\CbsTemp
2019-01-23 19:33:13 ----D---- C:\ProgramData\Microsoft Help
2019-01-23 19:32:16 ----D---- C:\WINDOWS\system32\catroot2
2019-01-19 12:13:57 ----D---- C:\WINDOWS\Minidump
2019-01-19 12:12:27 ----D---- C:\WINDOWS\system32\config
2019-01-18 23:56:30 ----AD---- C:\Program Files\Microsoft Silverlight
2019-01-18 23:56:30 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 22:14:07 ----D---- C:\Program Files\rempl
2019-01-17 11:04:48 ----D---- C:\WINDOWS\WinSxS
2019-01-10 21:12:44 ----RD---- C:\WINDOWS\assembly
2019-01-09 23:06:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-09 23:06:36 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-01-09 23:05:14 ----D---- C:\WINDOWS\TextInput
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-01-09 23:05:14 ----D---- C:\WINDOWS\SysWOW64
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\zu-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\yo-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\xh-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\wo-SN
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\tn-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ti-ET
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\rw-RW
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\nso-ZA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ig-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\drivers
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-01-09 23:05:13 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-01-09 23:05:13 ----D---- C:\WINDOWS\bcastdvr
2019-01-09 23:05:12 ----D---- C:\WINDOWS\system32\DriverStore
2019-01-09 17:23:03 ----D---- C:\WINDOWS\system32\MRT
2019-01-09 17:20:09 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-01-04 22:33:53 ----D---- C:\WINDOWS\system32\NDF
2019-01-02 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2016-12-26 247008]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-10-01 554408]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2017-12-24 70880]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [2018-05-16 236488]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [2018-05-16 109248]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2017-12-24 117984]
R1 klhk;@oem62.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2017-12-24 594144]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2017-12-24 1055424]
R1 KLIM6;@oem43.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2016-10-12 57424]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2017-12-24 50672]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2016-12-20 93920]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2017-12-24 135904]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2017-12-24 199392]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-05-31 78216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-25 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-12-19 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2018-04-12 446464]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2017-12-24 207576]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2016-12-23 57056]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2016-12-07 58592]
R3 kltap;@oem63.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys [2016-06-07 52152]
R3 LMDriver;@oem91.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2018-05-15 31000]
R3 MEIx64;@oem53.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-30 184096]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [2017-05-18 14456920]
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2018-04-12 2344448]
R3 RadioShim;@oem91.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2018-05-15 25368]
R3 RTSUER;@oem27.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-19 411712]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-10-14 29816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-08 92688]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;@oem116.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-01-01 76088]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 226176]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 125952]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-09-30 380672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IntcDAud;@oem104.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [2018-05-09 180984]
S3 klupd_klif_kimul;klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [2018-04-11 87584]
S3 klupd_klif_klark;klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [2018-03-04 252600]
S3 klupd_klif_mark;klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [2018-03-12 174664]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\4C322406.sys [2016-07-06 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Amazon 1Button App Service;Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [2015-09-17 456000]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-25 355760]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_453f7;Connected Devices Platform User Service_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-22 332216]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-12-19 373720]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-07 223008]
R2 KSDE2.0.0;Služba Kaspersky Secure Connection 2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [2017-01-24 354672]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-07 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 OneSyncSvc_453f7;Sync Host_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-01-11 325432]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2015-05-14 2573568]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_453f7;Kontaktné údaje_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 QALSvc;Quick Access Local Service; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [2015-07-09 398176]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 AVP17.0.0;Služba Kaspersky Anti-Virus 17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [2016-06-28 241544]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S2 Internet Manager. RunOuc;Internet Manager. OUC; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [2014-04-26 682064]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_453f7;GameDVR and Broadcast User Service_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_453f7;Služba podpory používateľov rozhrania Bluetooth_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-12-19 301528]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_453f7;DevicePicker_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_453f7;DevicesFlow_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 klvssbridge64_18.0.0;klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [2018-05-16 426416]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [2016-06-28 77328]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_453f7;MessagingService_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-01-03 227792]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_453f7;PrintWorkflow_453f7; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
-----------------EOF-----------------
Re: Zavireny Ntb
Ahoj,
Poprosim o vlozeni logu FRST.txt a Addition.txt z aplikace FRST (Farbar Recovery Scan Tool). Navod naleznes zde: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Obsah Additional.txt muzes vlozit rovnou sem do vlakna.
Poprosim o vlozeni logu FRST.txt a Addition.txt z aplikace FRST (Farbar Recovery Scan Tool). Navod naleznes zde: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Obsah Additional.txt muzes vlozit rovnou sem do vlakna.
Re: Zavireny Ntb
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by juraj (administrator) on LAPTOP-H3BTBJQ6 (29-01-2019 12:33:03)
Running from C:\Users\juraj\Desktop
Loaded Profiles: juraj (Available Profiles: juraj)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\MountPoints2: {72570ade-a76d-11e8-9c86-3065ec8ca6de} - "E:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{78863fb6-9d0c-4fd3-a418-5a568860c155}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> DefaultScope {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: f3di2xn9.default
FF ProfilePath: C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default [2019-01-14]
FF Extension: (Avira Browser Safety) - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default\Extensions\abs@avira.com.xpi [2019-01-08]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-01-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-04-18]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.zoznam.sk/"
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default [2019-01-29]
CHR Extension: (Prezentácie) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-24]
CHR Extension: (Google Search) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-26]
CHR Extension: (Tabuľky) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Kaspersky Protection) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-04-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Kaspersky Protection) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-05-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-26]
CHR Extension: (Chrome Media Router) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-12]
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-12]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [456000 2015-09-17] (Amazon Inc.)
S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] ()
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2018-05-16] (AO Kaspersky Lab)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-25] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [117984 2017-12-24] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2017-12-24] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [594144 2017-12-24] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [180984 2018-05-09] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055424 2017-12-24] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-05-16] (AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-04-11] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [252600 2018-03-04] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-05-16] (AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [174664 2018-03-12] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [135904 2017-12-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\4C322406.sys [192216 2016-07-06] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-12-24] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-25] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-29 12:33 - 2019-01-29 12:33 - 000025722 _____ C:\Users\juraj\Desktop\FRST.txt
2019-01-29 12:31 - 2019-01-29 12:31 - 002428416 _____ (Farbar) C:\Users\juraj\Desktop\FRST64.exe
2019-01-28 13:14 - 2019-01-28 13:14 - 001222144 _____ C:\Users\juraj\Downloads\RSITx64.exe
2019-01-28 13:01 - 2019-01-28 13:09 - 000000000 ____D C:\Users\juraj\AppData\Local\D3DSCache
2019-01-27 23:02 - 2019-01-27 23:02 - 000000000 ____D C:\Users\juraj\Desktop\ZMLUVY
2019-01-17 23:20 - 2019-01-17 23:20 - 001446007 _____ C:\Users\juraj\Downloads\Docs_SSLP_zaklad_6634.zip
2019-01-17 23:19 - 2019-01-17 23:19 - 000136025 _____ C:\Users\juraj\Downloads\Docs_SSLP_3_citanie_6634.zip
2019-01-17 11:10 - 2019-01-17 11:10 - 025365087 _____ C:\Users\juraj\Downloads\Letak 03 nahlad.pdf
2019-01-14 12:07 - 2019-01-14 12:07 - 002329466 _____ C:\Users\juraj\Downloads\dibuk_mrcha-na-koni_176879.mobi
2019-01-14 12:06 - 2019-01-14 12:06 - 002786656 _____ C:\Users\juraj\Downloads\dibuk_vsechno-nebo-nic-4_168968.mobi
2019-01-14 12:06 - 2019-01-14 12:06 - 002114743 _____ C:\Users\juraj\Downloads\dibuk_sex-a-jine-city-1_169534.mobi
2019-01-09 17:05 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 17:05 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 17:05 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 17:05 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 17:05 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 17:05 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 17:05 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 17:05 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 17:05 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 17:05 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 17:05 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 17:05 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 17:05 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 17:05 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 17:05 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 17:05 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 17:05 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 17:05 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 17:05 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 17:05 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 17:05 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 17:05 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 17:05 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 17:05 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 17:05 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 17:05 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 17:05 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 17:05 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 17:05 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 17:05 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 17:05 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-04 04:15 - 2019-01-04 04:15 - 000011584 _____ C:\Users\juraj\Downloads\Stanovenie cieľov2019.xlsx
2019-01-04 03:53 - 2019-01-04 04:04 - 000011584 _____ C:\Users\juraj\Desktop\Stanovenie cieľov2019.xlsx
2019-01-04 03:35 - 2019-01-04 03:35 - 003515947 _____ C:\Users\juraj\Downloads\Rozpočet_BSK_na_roky_2014-2016.pdf
2019-01-04 02:56 - 2019-01-04 02:56 - 005512816 _____ C:\Users\juraj\Downloads\Rozpočet_BSK_na_roky_2015_-2017.xps
2019-01-04 02:14 - 2019-01-04 02:14 - 000246661 _____ C:\Users\juraj\Downloads\Sociálny_program_2019_final.pdf
2019-01-04 00:51 - 2019-01-04 00:51 - 025947352 _____ C:\Users\juraj\Downloads\Materiály_na_rokovanie_Zastupiteľstva_BSK_14.12.2018.zip
2019-01-03 11:30 - 2019-01-03 11:30 - 000118345 _____ C:\Users\juraj\Downloads\Osobný dotazník 1.pdf
2019-01-03 10:42 - 2019-01-03 10:42 - 000015423 _____ C:\Users\juraj\Downloads\Stanovenie cieľov odbor.xlsx
2019-01-03 10:39 - 2019-01-03 10:39 - 000029512 _____ C:\Users\juraj\Downloads\FW_ Stanovenie cieľov pre rok 2019.zip
2019-01-03 10:38 - 2019-01-04 03:53 - 000000000 ____D C:\Users\juraj\Desktop\Ciele
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-29 12:33 - 2016-06-22 14:32 - 000000000 ____D C:\FRST
2019-01-29 12:32 - 2018-05-16 22:49 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CA4A392-FDC5-4769-9978-546E3B33D9B7}
2019-01-29 12:31 - 2018-07-16 19:19 - 000000000 ____D C:\ProgramData\Packages
2019-01-29 12:31 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 12:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 13:18 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 13:16 - 2016-04-21 18:44 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-28 13:14 - 2018-05-16 22:39 - 002038224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-28 13:14 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 13:14 - 2016-10-05 20:37 - 000921844 _____ C:\WINDOWS\system32\perfh01B.dat
2019-01-28 13:14 - 2016-10-05 20:37 - 000274796 _____ C:\WINDOWS\system32\perfc01B.dat
2019-01-28 13:14 - 2016-06-11 17:51 - 000000000 ____D C:\Program Files\trend micro
2019-01-28 13:08 - 2018-05-16 22:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 13:08 - 2017-06-18 20:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-28 13:08 - 2017-06-18 20:44 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-28 13:08 - 2015-12-24 19:30 - 000000000 __SHD C:\Users\juraj\IntelGraphicsProfiles
2019-01-28 13:07 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-27 21:59 - 2018-05-16 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-27 20:22 - 2017-11-19 19:52 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjuraj.job
2019-01-25 22:36 - 2018-05-16 22:30 - 000000000 ____D C:\Users\juraj
2019-01-25 17:50 - 2018-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-24 19:28 - 2018-05-16 22:49 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjuraj
2019-01-24 00:40 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-23 19:43 - 2017-07-20 19:04 - 000000000 ___RD C:\Users\juraj\Desktop\Nový výber do auta
2019-01-20 12:53 - 2018-05-16 22:49 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3094667262-3946119299-137694158-1001
2019-01-20 12:53 - 2018-05-16 22:30 - 000002371 _____ C:\Users\juraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-20 12:53 - 2015-12-24 19:35 - 000000000 ___RD C:\Users\juraj\OneDrive
2019-01-19 12:13 - 2018-10-31 20:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-18 23:56 - 2016-12-25 16:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 23:56 - 2016-12-25 16:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 22:14 - 2018-11-16 22:49 - 000000000 ____D C:\Program Files\rempl
2019-01-15 20:08 - 2016-12-25 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 20:39 - 2017-07-03 22:18 - 000000000 ____D C:\Users\juraj\AppData\LocalLow\Mozilla
2019-01-09 23:06 - 2015-12-25 15:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-09 23:06 - 2015-07-16 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-09 23:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 23:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 17:23 - 2015-12-25 20:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 17:20 - 2015-12-25 20:55 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-04 22:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-04 00:52 - 2018-12-04 13:47 - 002079545 _____ C:\Users\juraj\Desktop\9. Koncepcia rozvoja sociálnych služieb v kompetencii BSK_materiál.pdf
2019-01-03 22:11 - 2015-07-16 04:33 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-02 20:41 - 2018-11-14 18:32 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-14 18:32 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-16 22:23
==================== End of FRST.txt ============================
Ran by juraj (administrator) on LAPTOP-H3BTBJQ6 (29-01-2019 12:33:03)
Running from C:\Users\juraj\Desktop
Loaded Profiles: juraj (Available Profiles: juraj)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\MountPoints2: {72570ade-a76d-11e8-9c86-3065ec8ca6de} - "E:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{78863fb6-9d0c-4fd3-a418-5a568860c155}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9c7d2a94-df7b-4a84-89f9-c8e8fd842c65}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> DefaultScope {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2018-05-16] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: f3di2xn9.default
FF ProfilePath: C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default [2019-01-14]
FF Extension: (Avira Browser Safety) - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default\Extensions\abs@avira.com.xpi [2019-01-08]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\juraj\AppData\Roaming\Mozilla\Firefox\Profiles\f3di2xn9.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2019-01-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-04-18]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.zoznam.sk/"
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default [2019-01-29]
CHR Extension: (Prezentácie) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-24]
CHR Extension: (Google Search) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-26]
CHR Extension: (Tabuľky) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Kaspersky Protection) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-04-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Kaspersky Protection) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-05-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-26]
CHR Extension: (Chrome Media Router) - C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-12]
CHR Profile: C:\Users\juraj\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-12]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [456000 2015-09-17] (Amazon Inc.)
S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] ()
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2018-05-16] (AO Kaspersky Lab)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-25] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [117984 2017-12-24] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2017-12-24] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [594144 2017-12-24] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [180984 2018-05-09] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055424 2017-12-24] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-05-16] (AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-04-11] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [252600 2018-03-04] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-05-16] (AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [174664 2018-03-12] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [135904 2017-12-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\4C322406.sys [192216 2016-07-06] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-12-24] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-25] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-29 12:33 - 2019-01-29 12:33 - 000025722 _____ C:\Users\juraj\Desktop\FRST.txt
2019-01-29 12:31 - 2019-01-29 12:31 - 002428416 _____ (Farbar) C:\Users\juraj\Desktop\FRST64.exe
2019-01-28 13:14 - 2019-01-28 13:14 - 001222144 _____ C:\Users\juraj\Downloads\RSITx64.exe
2019-01-28 13:01 - 2019-01-28 13:09 - 000000000 ____D C:\Users\juraj\AppData\Local\D3DSCache
2019-01-27 23:02 - 2019-01-27 23:02 - 000000000 ____D C:\Users\juraj\Desktop\ZMLUVY
2019-01-17 23:20 - 2019-01-17 23:20 - 001446007 _____ C:\Users\juraj\Downloads\Docs_SSLP_zaklad_6634.zip
2019-01-17 23:19 - 2019-01-17 23:19 - 000136025 _____ C:\Users\juraj\Downloads\Docs_SSLP_3_citanie_6634.zip
2019-01-17 11:10 - 2019-01-17 11:10 - 025365087 _____ C:\Users\juraj\Downloads\Letak 03 nahlad.pdf
2019-01-14 12:07 - 2019-01-14 12:07 - 002329466 _____ C:\Users\juraj\Downloads\dibuk_mrcha-na-koni_176879.mobi
2019-01-14 12:06 - 2019-01-14 12:06 - 002786656 _____ C:\Users\juraj\Downloads\dibuk_vsechno-nebo-nic-4_168968.mobi
2019-01-14 12:06 - 2019-01-14 12:06 - 002114743 _____ C:\Users\juraj\Downloads\dibuk_sex-a-jine-city-1_169534.mobi
2019-01-09 17:05 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 17:05 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 17:05 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 17:05 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 17:05 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 17:05 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 17:05 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 17:05 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 17:05 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 17:05 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 17:05 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 17:05 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 17:05 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 17:05 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 17:05 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 17:05 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 17:05 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 17:05 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 17:05 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 17:05 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 17:05 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 17:05 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 17:05 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 17:05 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 17:05 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 17:05 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 17:05 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 17:05 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 17:05 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 17:05 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 17:05 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 17:05 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 17:05 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 17:05 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 17:05 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 17:05 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 17:05 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 17:05 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 17:05 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 17:05 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 17:05 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 17:05 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 17:05 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 17:05 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-04 04:15 - 2019-01-04 04:15 - 000011584 _____ C:\Users\juraj\Downloads\Stanovenie cieľov2019.xlsx
2019-01-04 03:53 - 2019-01-04 04:04 - 000011584 _____ C:\Users\juraj\Desktop\Stanovenie cieľov2019.xlsx
2019-01-04 03:35 - 2019-01-04 03:35 - 003515947 _____ C:\Users\juraj\Downloads\Rozpočet_BSK_na_roky_2014-2016.pdf
2019-01-04 02:56 - 2019-01-04 02:56 - 005512816 _____ C:\Users\juraj\Downloads\Rozpočet_BSK_na_roky_2015_-2017.xps
2019-01-04 02:14 - 2019-01-04 02:14 - 000246661 _____ C:\Users\juraj\Downloads\Sociálny_program_2019_final.pdf
2019-01-04 00:51 - 2019-01-04 00:51 - 025947352 _____ C:\Users\juraj\Downloads\Materiály_na_rokovanie_Zastupiteľstva_BSK_14.12.2018.zip
2019-01-03 11:30 - 2019-01-03 11:30 - 000118345 _____ C:\Users\juraj\Downloads\Osobný dotazník 1.pdf
2019-01-03 10:42 - 2019-01-03 10:42 - 000015423 _____ C:\Users\juraj\Downloads\Stanovenie cieľov odbor.xlsx
2019-01-03 10:39 - 2019-01-03 10:39 - 000029512 _____ C:\Users\juraj\Downloads\FW_ Stanovenie cieľov pre rok 2019.zip
2019-01-03 10:38 - 2019-01-04 03:53 - 000000000 ____D C:\Users\juraj\Desktop\Ciele
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-29 12:33 - 2016-06-22 14:32 - 000000000 ____D C:\FRST
2019-01-29 12:32 - 2018-05-16 22:49 - 000004210 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CA4A392-FDC5-4769-9978-546E3B33D9B7}
2019-01-29 12:31 - 2018-07-16 19:19 - 000000000 ____D C:\ProgramData\Packages
2019-01-29 12:31 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 12:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 13:18 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 13:16 - 2016-04-21 18:44 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-01-28 13:14 - 2018-05-16 22:39 - 002038224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-28 13:14 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 13:14 - 2016-10-05 20:37 - 000921844 _____ C:\WINDOWS\system32\perfh01B.dat
2019-01-28 13:14 - 2016-10-05 20:37 - 000274796 _____ C:\WINDOWS\system32\perfc01B.dat
2019-01-28 13:14 - 2016-06-11 17:51 - 000000000 ____D C:\Program Files\trend micro
2019-01-28 13:08 - 2018-05-16 22:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 13:08 - 2017-06-18 20:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-28 13:08 - 2017-06-18 20:44 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-28 13:08 - 2015-12-24 19:30 - 000000000 __SHD C:\Users\juraj\IntelGraphicsProfiles
2019-01-28 13:07 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-27 21:59 - 2018-05-16 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-27 20:22 - 2017-11-19 19:52 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjuraj.job
2019-01-25 22:36 - 2018-05-16 22:30 - 000000000 ____D C:\Users\juraj
2019-01-25 17:50 - 2018-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-24 19:28 - 2018-05-16 22:49 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjuraj
2019-01-24 00:40 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-23 19:43 - 2017-07-20 19:04 - 000000000 ___RD C:\Users\juraj\Desktop\Nový výber do auta
2019-01-20 12:53 - 2018-05-16 22:49 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3094667262-3946119299-137694158-1001
2019-01-20 12:53 - 2018-05-16 22:30 - 000002371 _____ C:\Users\juraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-20 12:53 - 2015-12-24 19:35 - 000000000 ___RD C:\Users\juraj\OneDrive
2019-01-19 12:13 - 2018-10-31 20:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-18 23:56 - 2016-12-25 16:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 23:56 - 2016-12-25 16:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 22:14 - 2018-11-16 22:49 - 000000000 ____D C:\Program Files\rempl
2019-01-15 20:08 - 2016-12-25 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 20:39 - 2017-07-03 22:18 - 000000000 ____D C:\Users\juraj\AppData\LocalLow\Mozilla
2019-01-09 23:06 - 2015-12-25 15:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-09 23:06 - 2015-07-16 04:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-09 23:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 23:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 17:23 - 2015-12-25 20:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 17:20 - 2015-12-25 20:55 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-04 22:33 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-04 00:52 - 2018-12-04 13:47 - 002079545 _____ C:\Users\juraj\Desktop\9. Koncepcia rozvoja sociálnych služieb v kompetencii BSK_materiál.pdf
2019-01-03 22:11 - 2015-07-16 04:33 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-02 20:41 - 2018-11-14 18:32 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-14 18:32 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-16 22:23
==================== End of FRST.txt ============================
Re: Zavireny Ntb
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by juraj (29-01-2019 12:34:21)
Running from C:\Users\juraj\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-16 21:50:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3094667262-3946119299-137694158-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3094667262-3946119299-137694158-503 - Limited - Disabled)
Guest (S-1-5-21-3094667262-3946119299-137694158-501 - Limited - Disabled)
juraj (S-1-5-21-3094667262-3946119299-137694158-1001 - Administrator - Enabled) => C:\Users\juraj
maric (S-1-5-21-3094667262-3946119299-137694158-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3094667262-3946119299-137694158-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Canon MF3010 (HKLM\...\{A97F4E18-3053-4652-B763-9A40AE2B1EE5}) (Version: 3.9.0.1 - CANON INC.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.7.50.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{6135AEC9-9379-4014-8CB6-B0BC69B4BA78}) (Version: 12.10.49.21 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.09.55 - Huawei Technologies Co.,Ltd)
Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
K-Lite Codec Pack 11.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.06.02.85 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.041 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-19] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2B1D0EB3-05BE-48A5-8B8F-F891B9A5EBC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {2B7879DF-C873-4F4A-ABAC-933E99C555D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {2EFB2622-705F-4C61-9D86-F9EED8CA5991} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {33BC8652-16BE-4744-9198-D4C148D413E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-01-02] (HP Inc.)
Task: {43E23E23-B1C2-44FF-8546-FC63A74F6EFF} - System32\Tasks\HPCeeScheduleForjuraj => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4890E31E-F360-42AD-B60B-32AFBD206C03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {4C00FF9E-CDF8-4543-8291-50A80E57B512} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {4DFD0A1B-96B1-4320-A6D5-8E10C6BD2674} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {5778D5EF-89BA-4BCC-BEF3-F34D5F7100EE} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {78910CD6-B2CC-47E4-8E37-C3CA262A46A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {7CBC05B9-8AD1-432C-A690-C71D427E80BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {87845C2A-DF83-462D-8894-60D27E410EFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {888D3229-A02B-4843-8D34-19A776184E6D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90E936CE-2F26-4C5C-9D4A-47E05D4BD767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-12-24] (HP Inc.)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {BC971C5C-AA29-4569-9196-564939E5321A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {BF3F0206-C0B7-44DE-9461-2026F857D387} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
Task: {CEAFC6E4-7526-4B99-87EF-578CB7EE64D0} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {D282F826-65CB-4154-A239-4AE760701C42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {E7C6DBDF-09C0-4F2A-8C79-32FF274277C7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {EE9B6AED-B75A-4F3B-8B3D-227A1F4EC9D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {F1A75256-ED2C-48F1-843C-8DEEFD8CD979} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {F3EFE69F-9EF8-47ED-840A-15C609383970} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-19] ()
Task: {F9C4884E-3C7A-4286-81BE-DDD5847D9B15} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjuraj.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-08 22:49 - 2012-09-18 15:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2016-03-09 13:46 - 2012-09-18 15:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2015-05-19 17:11 - 2015-05-19 17:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-04-04 11:57 - 2014-04-26 07:15 - 000682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 20:59 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-12-19 07:16 - 2016-12-19 07:16 - 000401880 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-09 17:05 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-16 19:18 - 2018-07-16 19:19 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-23 19:29 - 2019-01-23 19:29 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 16:09 - 2017-12-01 16:09 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:28 - 2018-11-28 20:28 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-05-24 20:11 - 2017-05-24 20:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2019-01-17 11:04 - 2019-01-17 11:05 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-17 11:04 - 2019-01-17 11:05 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 18:04 - 2017-10-05 18:05 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-17 11:04 - 2019-01-17 11:05 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-16 21:09 - 2018-08-16 21:13 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-16 21:09 - 2018-08-16 21:13 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-04-03 17:01 - 2018-04-03 17:02 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-17 11:04 - 2019-01-17 11:05 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-17 11:04 - 2019-01-17 11:04 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-29 10:55 - 2018-08-29 10:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 18:17 - 2018-07-27 18:18 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-18 10:49 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-18 10:49 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2015-07-16 04:41 - 2015-05-08 18:41 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-04-04 11:57 - 2013-08-16 07:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2016-04-04 11:57 - 2013-08-16 07:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2016-04-04 11:57 - 2014-02-15 08:31 - 002416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2016-04-04 11:57 - 2014-02-15 08:33 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2015-10-22 16:52 - 2015-07-14 20:07 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-07 04:36 - 2015-07-07 04:36 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-17 18:45 - 2018-10-23 19:08 - 001104528 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2018-05-16 22:32 - 2018-05-16 22:32 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\juraj\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\2019_toyota_corolla_xse_hatchback_4k-3840x2160.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B5719168-0461-4647-BB4F-416374F26FC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{A8FEF75F-6515-434C-9B3F-F1D20873A85A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{B0DECDB0-735B-48B6-A515-F1186E0294B6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{EB32CFF8-C10E-43F9-BDA2-C3EFF6A9AB70}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{030BAD54-F2D1-432C-AEE6-C9522CBC9A5C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{A56AEDD7-5B34-4E55-88C7-1207B2F85F4C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{EC0C28D5-6AFE-49AD-BAFE-D38483BEDF96}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{60F61B44-DE90-4818-B051-0D2300C193F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E5FF3B50-A614-4D4B-82CE-58BB41430187}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
09-01-2019 17:04:38 Windows Update
15-01-2019 20:06:53 Windows Update
18-01-2019 22:12:20 Windows Update
23-01-2019 19:32:02 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-H3BTBJQ6.local already in use; will try LAPTOP-H3BTBJQ6-2.local instead
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 16 LAPTOP-H3BTBJQ6.local. AAAA 2A02:AB04:03BEA0DE:A2AF:4DD7:5553
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 2A02:AB04:03BEA0DE:A2AF:4DD7:5553:5353 4 LAPTOP-H3BTBJQ6.local. Addr 192.168.0.115
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025110
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025110
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/22/2019 05:19:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1656
Error: (01/22/2019 05:19:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1656
System errors:
=============
Error: (01/29/2019 12:31:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/29/2019 12:29:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-H3BTBJQ6)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-H3BTBJQ6\juraj SID (S-1-5-21-3094667262-3946119299-137694158-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:12:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:10:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:10:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:09:25 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-H3BTBJQ6)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-H3BTBJQ6\juraj SID (S-1-5-21-3094667262-3946119299-137694158-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:08:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:08:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Internet Manager. RunOuc zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Windows Defender:
===================================
Date: 2019-01-18 22:09:10.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {77A6B977-936F-40F7-A48B-74C29EFFA63E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-12 22:51:24.800
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {123EF98A-31BE-44B3-9DD2-5CEF7E526038}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-09 19:51:25.183
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5B33D27B-CE2D-40D9-A350-5E9ECB31CB67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-24 08:08:07.968
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {24F9E892-B572-47C8-99D9-21408D8FE6F1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-15 21:34:53.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7E008B32-1939-4062-8AFB-50D45D5817D4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-30 18:55:20.640
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2018-10-28 19:01:07.704
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz
Percentage of memory in use: 42%
Total physical RAM: 8115.27 MB
Available physical RAM: 4633.95 MB
Total Virtual: 16307.27 MB
Available Virtual: 12949.04 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:688.7 GB) NTFS
\\?\Volume{92d3a0d6-404f-46cd-ae46-e562d45364fd}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{df47ca95-92ca-47ce-a001-03e6028d8b54}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 626E1008)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by juraj (29-01-2019 12:34:21)
Running from C:\Users\juraj\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-05-16 21:50:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3094667262-3946119299-137694158-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3094667262-3946119299-137694158-503 - Limited - Disabled)
Guest (S-1-5-21-3094667262-3946119299-137694158-501 - Limited - Disabled)
juraj (S-1-5-21-3094667262-3946119299-137694158-1001 - Administrator - Enabled) => C:\Users\juraj
maric (S-1-5-21-3094667262-3946119299-137694158-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3094667262-3946119299-137694158-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Canon MF3010 (HKLM\...\{A97F4E18-3053-4652-B763-9A40AE2B1EE5}) (Version: 3.9.0.1 - CANON INC.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.7.50.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{6135AEC9-9379-4014-8CB6-B0BC69B4BA78}) (Version: 12.10.49.21 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.09.55 - Huawei Technologies Co.,Ltd)
Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
K-Lite Codec Pack 11.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.0 - )
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.06.02.85 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.041 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-05-16] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-19] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2B1D0EB3-05BE-48A5-8B8F-F891B9A5EBC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {2B7879DF-C873-4F4A-ABAC-933E99C555D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {2EFB2622-705F-4C61-9D86-F9EED8CA5991} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {33BC8652-16BE-4744-9198-D4C148D413E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-01-02] (HP Inc.)
Task: {43E23E23-B1C2-44FF-8546-FC63A74F6EFF} - System32\Tasks\HPCeeScheduleForjuraj => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4890E31E-F360-42AD-B60B-32AFBD206C03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {4C00FF9E-CDF8-4543-8291-50A80E57B512} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {4DFD0A1B-96B1-4320-A6D5-8E10C6BD2674} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {5778D5EF-89BA-4BCC-BEF3-F34D5F7100EE} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {78910CD6-B2CC-47E4-8E37-C3CA262A46A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {7CBC05B9-8AD1-432C-A690-C71D427E80BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {87845C2A-DF83-462D-8894-60D27E410EFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {888D3229-A02B-4843-8D34-19A776184E6D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {90E936CE-2F26-4C5C-9D4A-47E05D4BD767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-12-24] (HP Inc.)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {BC971C5C-AA29-4569-9196-564939E5321A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {BF3F0206-C0B7-44DE-9461-2026F857D387} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
Task: {CEAFC6E4-7526-4B99-87EF-578CB7EE64D0} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {D282F826-65CB-4154-A239-4AE760701C42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {E7C6DBDF-09C0-4F2A-8C79-32FF274277C7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {EE9B6AED-B75A-4F3B-8B3D-227A1F4EC9D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation)
Task: {F1A75256-ED2C-48F1-843C-8DEEFD8CD979} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {F3EFE69F-9EF8-47ED-840A-15C609383970} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-19] ()
Task: {F9C4884E-3C7A-4286-81BE-DDD5847D9B15} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjuraj.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-08 22:49 - 2012-09-18 15:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2016-03-09 13:46 - 2012-09-18 15:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2015-05-19 17:11 - 2015-05-19 17:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-04-04 11:57 - 2014-04-26 07:15 - 000682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 20:59 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-12-19 07:16 - 2016-12-19 07:16 - 000401880 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-09 17:05 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-16 19:18 - 2018-07-16 19:19 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-23 19:29 - 2019-01-23 19:29 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 16:09 - 2017-12-01 16:09 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:28 - 2018-11-28 20:28 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-23 19:29 - 2019-01-23 19:29 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-05-24 20:11 - 2017-05-24 20:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2019-01-17 11:04 - 2019-01-17 11:05 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-17 11:04 - 2019-01-17 11:05 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 18:04 - 2017-10-05 18:05 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-17 11:04 - 2019-01-17 11:05 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-16 21:09 - 2018-08-16 21:13 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-16 21:09 - 2018-08-16 21:13 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-04-03 17:01 - 2018-04-03 17:02 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-17 11:04 - 2019-01-17 11:05 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-18 21:37 - 2018-11-18 21:38 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-17 11:04 - 2019-01-17 11:04 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-29 10:55 - 2018-08-29 10:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 18:17 - 2018-07-27 18:18 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-18 10:49 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-18 10:49 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2015-07-16 04:41 - 2015-05-08 18:41 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-04-04 11:57 - 2013-08-16 07:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2016-04-04 11:57 - 2013-08-16 07:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2016-04-04 11:57 - 2014-02-15 08:31 - 002416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2016-04-04 11:57 - 2014-02-15 08:33 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2015-10-22 16:52 - 2015-07-14 20:07 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-07 04:36 - 2015-07-07 04:36 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-17 18:45 - 2018-10-23 19:08 - 001104528 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2018-05-16 22:32 - 2018-05-16 22:32 - 000015136 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-09-26 12:35 - 2017-09-26 12:35 - 000013088 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-09-26 12:34 - 2017-09-26 12:34 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\juraj\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\2019_toyota_corolla_xse_hatchback_4k-3840x2160.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B5719168-0461-4647-BB4F-416374F26FC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{A8FEF75F-6515-434C-9B3F-F1D20873A85A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp.)
FirewallRules: [{B0DECDB0-735B-48B6-A515-F1186E0294B6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{EB32CFF8-C10E-43F9-BDA2-C3EFF6A9AB70}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{030BAD54-F2D1-432C-AEE6-C9522CBC9A5C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{A56AEDD7-5B34-4E55-88C7-1207B2F85F4C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp.)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{EC0C28D5-6AFE-49AD-BAFE-D38483BEDF96}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{60F61B44-DE90-4818-B051-0D2300C193F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{E5FF3B50-A614-4D4B-82CE-58BB41430187}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
09-01-2019 17:04:38 Windows Update
15-01-2019 20:06:53 Windows Update
18-01-2019 22:12:20 Windows Update
23-01-2019 19:32:02 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-H3BTBJQ6.local already in use; will try LAPTOP-H3BTBJQ6-2.local instead
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will rename 16 LAPTOP-H3BTBJQ6.local. AAAA 2A02:AB04:03BEA0DE:A2AF:4DD7:5553
Error: (01/25/2019 08:01:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 2A02:AB04:03BEA0DE:A2AF:4DD7:5553:5353 4 LAPTOP-H3BTBJQ6.local. Addr 192.168.0.115
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4025110
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4025110
Error: (01/25/2019 08:00:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/22/2019 05:19:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1656
Error: (01/22/2019 05:19:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1656
System errors:
=============
Error: (01/29/2019 12:31:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/29/2019 12:29:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-H3BTBJQ6)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-H3BTBJQ6\juraj SID (S-1-5-21-3094667262-3946119299-137694158-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:12:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:10:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:10:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:09:25 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-H3BTBJQ6)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-H3BTBJQ6\juraj SID (S-1-5-21-3094667262-3946119299-137694158-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:08:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/28/2019 01:08:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Internet Manager. RunOuc zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Windows Defender:
===================================
Date: 2019-01-18 22:09:10.129
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {77A6B977-936F-40F7-A48B-74C29EFFA63E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-12 22:51:24.800
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {123EF98A-31BE-44B3-9DD2-5CEF7E526038}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-12-09 19:51:25.183
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5B33D27B-CE2D-40D9-A350-5E9ECB31CB67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-24 08:08:07.968
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {24F9E892-B572-47C8-99D9-21408D8FE6F1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-15 21:34:53.163
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7E008B32-1939-4062-8AFB-50D45D5817D4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-30 18:55:20.640
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2018-10-28 19:01:07.704
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz
Percentage of memory in use: 42%
Total physical RAM: 8115.27 MB
Available physical RAM: 4633.95 MB
Total Virtual: 16307.27 MB
Available Virtual: 12949.04 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:688.7 GB) NTFS
\\?\Volume{92d3a0d6-404f-46cd-ae46-e562d45364fd}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{df47ca95-92ca-47ce-a001-03e6028d8b54}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 626E1008)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Zavireny Ntb
Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.
Re: Zavireny Ntb
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2019
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 47
# Failed: 0
***** [ Services ] *****
Deleted Amazon 1Button App Service
***** [ Folders ] *****
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Users\Public\Pokki
Deleted C:\Users\juraj\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\juraj\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Users\juraj\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon 1Button App Service
Deleted HKLM\Software\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
Deleted HKLM\Software\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Deleted HKLM\Software\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
***** [ Chromium (and derivatives) ] *****
Deleted Video AdBlock for Chrome
Deleted Video AdBlock for Chrome
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5883 octets] - [31/01/2019 11:48:10]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2019
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 47
# Failed: 0
***** [ Services ] *****
Deleted Amazon 1Button App Service
***** [ Folders ] *****
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Users\Public\Pokki
Deleted C:\Users\juraj\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\juraj\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Users\juraj\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon 1Button App Service
Deleted HKLM\Software\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
Deleted HKLM\Software\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
Deleted HKLM\Software\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
***** [ Chromium (and derivatives) ] *****
Deleted Video AdBlock for Chrome
Deleted Video AdBlock for Chrome
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5883 octets] - [31/01/2019 11:48:10]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Zavireny Ntb
Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:
( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).
( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\MountPoints2: {72570ade-a76d-11e8-9c86-3065ec8ca6de} - "E:\Setup.exe"
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> DefaultScope {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {BF3F0206-C0B7-44DE-9461-2026F857D387} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2B7879DF-C873-4F4A-ABAC-933E99C555D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {87845C2A-DF83-462D-8894-60D27E410EFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {F9C4884E-3C7A-4286-81BE-DDD5847D9B15} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
end
Re: Zavireny Ntb
Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by juraj (31-01-2019 23:39:18) Run:1
Running from C:\Users\juraj\Desktop
Loaded Profiles: juraj (Available Profiles: juraj)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\MountPoints2: {72570ade-a76d-11e8-9c86-3065ec8ca6de} - "E:\Setup.exe"
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> DefaultScope {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {BF3F0206-C0B7-44DE-9461-2026F857D387} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2B7879DF-C873-4F4A-ABAC-933E99C555D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {87845C2A-DF83-462D-8894-60D27E410EFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {F9C4884E-3C7A-4286-81BE-DDD5847D9B15} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72570ade-a76d-11e8-9c86-3065ec8ca6de} => removed successfully
HKLM\Software\Classes\CLSID\{72570ade-a76d-11e8-9c86-3065ec8ca6de} => not found
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F584603C-2E74-41A5-8CED-7FC3B0E5F085} => removed successfully
HKLM\Software\Classes\CLSID\{F584603C-2E74-41A5-8CED-7FC3B0E5F085} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF3F0206-C0B7-44DE-9461-2026F857D387}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF3F0206-C0B7-44DE-9461-2026F857D387}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B7879DF-C873-4F4A-ABAC-933E99C555D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B7879DF-C873-4F4A-ABAC-933E99C555D7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87845C2A-DF83-462D-8894-60D27E410EFD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87845C2A-DF83-462D-8894-60D27E410EFD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C4884E-3C7A-4286-81BE-DDD5847D9B15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C4884E-3C7A-4286-81BE-DDD5847D9B15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 403239907 B
Java, Flash, Steam htmlcache => 918 B
Windows/system/drivers => 20313085 B
Edge => 7346632 B
Chrome => 842750081 B
Firefox => 1077845203 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 398745600 B
systemprofile32 => 0 B
LocalService => 874 B
LocalService => 0 B
NetworkService => 337090 B
NetworkService => 0 B
juraj => 69207748 B
RecycleBin => 35055188916 B
EmptyTemp: => 35.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:43:52 ====
Ran by juraj (31-01-2019 23:39:18) Run:1
Running from C:\Users\juraj\Desktop
Loaded Profiles: juraj (Available Profiles: juraj)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\...\MountPoints2: {72570ade-a76d-11e8-9c86-3065ec8ca6de} - "E:\Setup.exe"
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> DefaultScope {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
SearchScopes: HKU\S-1-5-21-3094667262-3946119299-137694158-1001 -> {F584603C-2E74-41A5-8CED-7FC3B0E5F085} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {BF3F0206-C0B7-44DE-9461-2026F857D387} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2B7879DF-C873-4F4A-ABAC-933E99C555D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {87845C2A-DF83-462D-8894-60D27E410EFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-26] (Google Inc.)
Task: {F9C4884E-3C7A-4286-81BE-DDD5847D9B15} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72570ade-a76d-11e8-9c86-3065ec8ca6de} => removed successfully
HKLM\Software\Classes\CLSID\{72570ade-a76d-11e8-9c86-3065ec8ca6de} => not found
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F584603C-2E74-41A5-8CED-7FC3B0E5F085} => removed successfully
HKLM\Software\Classes\CLSID\{F584603C-2E74-41A5-8CED-7FC3B0E5F085} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF3F0206-C0B7-44DE-9461-2026F857D387}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF3F0206-C0B7-44DE-9461-2026F857D387}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B7879DF-C873-4F4A-ABAC-933E99C555D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B7879DF-C873-4F4A-ABAC-933E99C555D7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87845C2A-DF83-462D-8894-60D27E410EFD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87845C2A-DF83-462D-8894-60D27E410EFD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C4884E-3C7A-4286-81BE-DDD5847D9B15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C4884E-3C7A-4286-81BE-DDD5847D9B15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 403239907 B
Java, Flash, Steam htmlcache => 918 B
Windows/system/drivers => 20313085 B
Edge => 7346632 B
Chrome => 842750081 B
Firefox => 1077845203 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 398745600 B
systemprofile32 => 0 B
LocalService => 874 B
LocalService => 0 B
NetworkService => 337090 B
NetworkService => 0 B
juraj => 69207748 B
RecycleBin => 35055188916 B
EmptyTemp: => 35.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:43:52 ====
Re: Zavireny Ntb
nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,Vyber "Vlastní sken" a klikni na "Konfigurovat sken"
V okně "Konfigurace vlastního skenu" vyber všechny pevné disky a zatrhni možnost u "Hledat rootkity"
Kliknutím na Skenovat nyní začne MBAM pracovat.
-Log zkopíruj sem.
-Nainstaluj,Vyber "Vlastní sken" a klikni na "Konfigurovat sken"
V okně "Konfigurace vlastního skenu" vyber všechny pevné disky a zatrhni možnost u "Hledat rootkity"
Kliknutím na Skenovat nyní začne MBAM pracovat.
-Log zkopíruj sem.
Re: Zavireny Ntb
Malwarebytes
www.malwarebytes.com
-Podrobnosti denníka-
Dátum skenovania: 1. 2. 2019
Čas skenovania: 16:17
Súbor denníka: 7169c0e2-2634-11e9-a9d2-3065ec8ca6de.json
-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.527
Aktualizovať verziu balíka: 1.0.9070
Licencia: Skúšobná verzia
-Systémové informácie-
OS: Windows 10 (Build 17134.523)
Procesor: x64
Systém súborov: NTFS
Používateľ: LAPTOP-H3BTBJQ6\juraj
-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 473023
Zistené hrozby: 12
Hrozby umiestnené do karantény: 0
Uplynulý čas: 3 h, 24 min, 27 s
-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť
-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)
Modul: 0
(Nezistili sa nijaké škodlivé položky)
Kľúč databázy Registry: 8
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.VideoAdBlocker.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BKNBNAPADDJDNBILPMLACDKJDKJMBJHD, Bez zásahu používateľa, [2137], [307228],1.0.9070
PUP.Optional.VideoAdBlocker.ChrPRST, HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bknbnapaddjdnbilpmlacdkjdkjmbjhd, Bez zásahu používateľa, [2137], [307228],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
Hodnota databázy Registry: 2
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Bez zásahu používateľa, [2768], [-1],0.0.0
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Bez zásahu používateľa, [2768], [-1],0.0.0
Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)
Priečinok: 1
PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp, Bez zásahu používateľa, [2768], [464595],1.0.9070
Súbor: 1
PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe, Bez zásahu používateľa, [2768], [464595],1.0.9070
Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)
WMI: 0
(Nezistili sa nijaké škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti denníka-
Dátum skenovania: 1. 2. 2019
Čas skenovania: 16:17
Súbor denníka: 7169c0e2-2634-11e9-a9d2-3065ec8ca6de.json
-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.527
Aktualizovať verziu balíka: 1.0.9070
Licencia: Skúšobná verzia
-Systémové informácie-
OS: Windows 10 (Build 17134.523)
Procesor: x64
Systém súborov: NTFS
Používateľ: LAPTOP-H3BTBJQ6\juraj
-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 473023
Zistené hrozby: 12
Hrozby umiestnené do karantény: 0
Uplynulý čas: 3 h, 24 min, 27 s
-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť
-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)
Modul: 0
(Nezistili sa nijaké škodlivé položky)
Kľúč databázy Registry: 8
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.VideoAdBlocker.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BKNBNAPADDJDNBILPMLACDKJDKJMBJHD, Bez zásahu používateľa, [2137], [307228],1.0.9070
PUP.Optional.VideoAdBlocker.ChrPRST, HKU\S-1-5-21-3094667262-3946119299-137694158-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bknbnapaddjdnbilpmlacdkjdkjmbjhd, Bez zásahu používateľa, [2137], [307228],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonBrowserHelper.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Amazon1ButtonRuntime.dll, Bez zásahu používateľa, [3136], [468987],1.0.9070
Hodnota databázy Registry: 2
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Bez zásahu používateľa, [2768], [-1],0.0.0
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Bez zásahu používateľa, [2768], [-1],0.0.0
Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)
Priečinok: 1
PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp, Bez zásahu používateľa, [2768], [464595],1.0.9070
Súbor: 1
PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe, Bez zásahu používateľa, [2768], [464595],1.0.9070
Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)
WMI: 0
(Nezistili sa nijaké škodlivé položky)
(end)
Re: Zavireny Ntb
dobre...muzes pustit jeste jednou a dat odstranit to co najde
Re: Zavireny Ntb
Druhy krat mi uz nic nenaslo. Akurat mam stale problem, ze nedokazem spustit KIS a ani v nudzovom rezime sa mi to nepodarilo. Ked ho dam odinstalovat, stale mi vypisuje, ze sa neda, lebo sa upgraduje co je blbost.
Re: Zavireny Ntb
hmmm, zajimave ze nic uz nenaslo.
zkus odinstalovat KIS v nouzovem rezimu,
pouzit i Ccleaner aby si smazal vsechny zbytky po aplikaci a pak to znovu nainstalovat.
zkus odinstalovat KIS v nouzovem rezimu,
pouzit i Ccleaner aby si smazal vsechny zbytky po aplikaci a pak to znovu nainstalovat.
Re: Zavireny Ntb
V nudzovom rezime to nejde vymazat. Vypisuje tam nieco, ze modul na odinstalovanie programov tam chyba alebo nieco podobne.
Re: Zavireny Ntb
ani re-instal nefunguje?
napis mi prosim presne hlasku, kterou to vypisuje.
napis mi prosim presne hlasku, kterou to vypisuje.