Norton Detect [Multitimer] and more

Posted: 30 Jun 2019 09:30
by Mikos
Hello,
I deleted some suspicious applications that I had, and as a check I would like to know whether it is OK now. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2019
Ran by j_raj (administrator) on LAPTOP-O4MKONJ4 (Acer Swift SF314-54G) (30-06-2019 09:18:21)
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\j_raj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-04-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18570424 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1537312 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-29] (Google LLC -> Google LLC)
InternetURL: C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BznMMQqmAG.url -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13E4CBEE-84ED-4E55-A88D-1C57891ECB2E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C7E105-8788-4C90-BACA-0A1BBEF760AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1993A166-6C5B-4039-B3C2-7A2D8F754B41} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D14B2B8-077C-4BB4-AEBE-22F4C9295000} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [393728 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {21F0256A-4E92-4CD8-A187-6D393557CE09} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23132A80-F4A7-4678-A28A-CDFAEF92BEA6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {233C1E93-F1E4-444A-AB62-4069F9182E10} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3149E6C0-2473-417E-8C31-6BD934A2D385} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87120 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F7E40FF-CCC1-40D1-B6CC-5E63C67A3318} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)
Task: {6428BADA-B0B3-445A-B0CA-B9DBD875739D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {69E43318-5222-47D0-B6BC-5CF407746810} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7455C2FB-E24F-4EC2-845F-10498AC1A94A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2417448 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {759D4F22-2F7F-4FD3-AA0A-22545305F78D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9786CC1D-C5ED-414C-9C30-A2FC4FA526BA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6C63C53-DF2F-4295-AEC2-E11E019BE82D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1527064 2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BAE85FC7-0327-45FF-A416-D264D7AC66C6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C900542C-A535-4518-B9D7-4E4ADA1F82CA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD7A4A6F-0698-4D13-9D8A-FF205E00602F} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D0236D38-48E2-4598-8A92-484B93286379} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.15.0.88\WSCStub.exe [2269144 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {D80C7135-C95F-4A97-BB09-F77A175994BB} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {E7CC7CBC-3B0D-4A1C-815C-6ED0808C2AB3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-04-12] (Acer Incorporated -> Acer Incorporated)
Task: {E8D31AC0-59AF-4620-AC10-7943AFEC6994} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.15.0.88\SymErr.exe [101904 2018-08-05] (Symantec Corporation -> Symantec Corporation)
Task: {F0AB76E8-E79C-47B1-ABDD-1665B4D031EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F552E67C-9E6B-4184-BDF9-637BD8235FCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-29] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35fdeadb-438c-46d1-acbb-adbd7fa72440}: [DhcpNameServer] 172.10.128.12
Tcpip\..\Interfaces\{dc0c5038-4372-49f4-b4f6-4e529e1c9abe}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: sij380ty.default
FF ProfilePath: C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default [2019-06-30]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\abb-acer@amazon.com [2019-06-29] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\langpack-en-US@firefox.mozilla.org [2019-06-29]
FF Extension: (Mozilla Partner Defaults) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\partnerdefaults@mozilla.com [2019-06-29] [Legacy]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default [2019-06-30]
CHR Extension: (Prezentace) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-29]
CHR Extension: (Dokumenty) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-29]
CHR Extension: (Disk Google) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-29]
CHR Extension: (YouTube) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-29]
CHR Extension: (Tabulky) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-29]
CHR Extension: (Gmail) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-25] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [230528 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.15.0.88\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe [913128 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\BASHDefs\20190625.002\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\160F000.058\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 ETDI2C; C:\Windows\System32\drivers\ETDI2C.sys [218184 2017-11-16] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-25] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-25] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\IPSDefs\20190628.061\IDSvia64.sys [1441800 2019-06-28] (Symantec Corporation -> Symantec Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [678008 2018-11-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvac.inf_amd64_2fc0d3600c3c3d39\nvlddmkm.sys [17036560 2018-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [421312 2017-10-18] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\160F000.058\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\160F000.058\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\160F000.058\SymELAM.sys [25608 2018-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-08-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\160F000.058\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-30 09:18 - 2019-06-30 09:19 - 000028548 _____ C:\Users\j_raj\Desktop\FRST.txt
2019-06-30 09:17 - 2019-06-30 09:18 - 000000000 ____D C:\FRST
2019-06-30 09:02 - 2019-06-30 09:03 - 000000000 ____D C:\AdwCleaner
2019-06-30 09:02 - 2019-06-30 09:02 - 007025360 _____ (Malwarebytes) C:\Users\j_raj\Downloads\adwcleaner_7.3.exe
2019-06-30 09:01 - 2019-06-30 09:11 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-30 08:58 - 2019-06-30 08:58 - 002418688 _____ (Farbar) C:\Users\j_raj\Desktop\FRST64.exe
2019-06-30 08:56 - 2019-06-30 08:56 - 000003376 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-30 08:56 - 2019-06-30 08:56 - 000000000 ___HD C:\OneDriveTemp
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Users\j_raj\AppData\Local\OneDrive
2019-06-30 08:24 - 2019-06-30 08:24 - 000000000 ____D C:\Program Files\UNP
2019-06-29 22:40 - 2019-06-29 22:40 - 000000000 ____D C:\Users\j_raj\AppData\Local\CrashDumps
2019-06-29 22:37 - 2019-06-29 22:37 - 000001222 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2019-06-29 22:33 - 2019-06-30 08:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\NPE
2019-06-29 22:33 - 2019-06-29 22:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\DBG
2019-06-29 22:29 - 2019-06-29 22:29 - 000000000 ____D C:\Users\j_raj\AppData\Local\D3DSCache
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files\3UECHMM28T
2019-06-29 22:23 - 2019-06-29 22:40 - 000000000 ____D C:\Program Files (x86)\ZAfx
2019-06-29 22:23 - 2019-06-29 22:23 - 000825856 _____ C:\Default.xml
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Mozilla
2019-06-29 22:23 - 2019-06-29 22:23 - 000000000 ____D C:\Users\j_raj\AppData\Local\Mozilla
2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000000000 ____D C:\Users\j_raj\AppData\Local\AdvinstAnalytics
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:21 - 2019-06-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 22:20 - 2019-06-29 22:21 - 000000000 ____D C:\Program Files\WinRAR
2019-06-29 22:20 - 2019-06-29 22:20 - 003145336 _____ (Alexander Roshal) C:\Users\j_raj\Downloads\winrar-x64-571.exe
2019-06-29 21:55 - 2019-06-29 21:55 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Skype
2019-06-29 21:54 - 2019-06-29 22:10 - 2050560300 _____ C:\Users\j_raj\Downloads\Microsoft Office Professional Plus 2019 v1812 Build 11126.20188 January 2019 (x86+x64).rar
2019-06-29 21:54 - 2019-06-29 21:54 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-29 21:54 - 2019-06-29 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-29 21:50 - 2019-06-29 21:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 21:50 - 2019-06-29 21:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-29 21:25 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Adobe
2019-06-29 21:24 - 2019-06-29 21:24 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-29 21:23 - 2019-06-29 21:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-29 21:23 - 2019-06-29 21:23 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-06-29 21:22 - 2019-06-29 21:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-06-29 21:20 - 2019-06-29 21:20 - 000000000 ____D C:\ProgramData\Adobe
2019-06-29 21:19 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\Adobe
2019-06-29 21:18 - 2019-06-29 21:38 - 3549376512 _____ C:\Users\j_raj\Downloads\Microsoft Office 2019 ProPlus EN.iso
2019-06-29 20:55 - 2019-06-29 21:02 - 000000000 ____D C:\Users\j_raj\AppData\Local\Comms
2019-06-29 20:49 - 2019-06-30 09:04 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-29 20:49 - 2019-06-30 09:04 - 000002352 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-29 20:48 - 2019-06-29 21:16 - 000000000 ____D C:\Users\j_raj\AppData\Local\Google
2019-06-29 20:48 - 2019-06-29 20:48 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 20:48 - 2019-06-29 20:48 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel Corporation
2019-06-29 20:48 - 2019-06-29 20:48 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-29 20:47 - 2019-06-30 09:05 - 000000000 ___RD C:\Users\j_raj\OneDrive
2019-06-29 20:47 - 2019-06-29 20:47 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459309241-3523518997-2302554534-1001
2019-06-29 20:47 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\PlaceholderTileLogoFolder
2019-06-29 20:46 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\NVIDIA Corporation
2019-06-29 20:46 - 2019-06-29 20:46 - 000000000 ____D C:\Windows\oem
2019-06-29 20:45 - 2019-06-30 09:05 - 000000000 __SHD C:\Users\j_raj\IntelGraphicsProfiles
2019-06-29 20:45 - 2019-06-30 08:49 - 000000000 ____D C:\Users\j_raj\AppData\Local\Packages
2019-06-29 20:45 - 2019-06-30 08:39 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WildTangent
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Adobe
2019-06-29 20:45 - 2019-06-29 21:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\ConnectedDevicesPlatform
2019-06-29 20:45 - 2019-06-29 20:46 - 000000000 ____D C:\Users\j_raj\AppData\Local\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___RD C:\Users\j_raj\3D Objects
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\Users\j_raj\MicrosoftEdgeBackups
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ___HD C:\ProgramData\O949
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\VirtualStore
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\Publishers
2019-06-29 20:45 - 2019-06-29 20:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\MicrosoftEdge
2019-06-29 20:38 - 2019-06-29 20:47 - 000002371 _____ C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-29 20:38 - 2019-06-29 20:47 - 000000000 ____D C:\Users\j_raj
2019-06-29 20:38 - 2019-06-29 20:38 - 000000020 ___SH C:\Users\j_raj\ntuser.ini
2019-06-29 20:26 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-29 20:25 - 2019-06-29 20:26 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-28 23:25 - 2019-06-28 23:25 - 000000000 _SHDL C:\Documents and Settings

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-30 11:18 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-06-30 09:14 - 2018-08-16 22:17 - 001692472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-30 09:14 - 2018-04-28 19:50 - 000718734 _____ C:\Windows\system32\perfh005.dat
2019-06-30 09:14 - 2018-04-28 19:50 - 000145494 _____ C:\Windows\system32\perfc005.dat
2019-06-30 09:14 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2019-06-30 09:09 - 2018-04-11 22:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-30 09:05 - 2018-08-16 22:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-30 09:05 - 2018-08-16 22:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-30 09:05 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-30 09:04 - 2018-04-11 22:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-30 09:03 - 2018-04-12 00:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-30 08:56 - 2018-08-16 23:00 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-30 08:49 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\OEM
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 08:49 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-30 08:47 - 2018-08-16 22:48 - 000000000 ____D C:\ProgramData\Acer
2019-06-30 08:47 - 2018-04-28 05:48 - 000000000 ___HD C:\OEM
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\WildTangent
2019-06-30 08:40 - 2018-08-16 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2019-06-30 08:23 - 2018-08-16 22:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-29 22:40 - 2018-08-16 22:05 - 000404904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-29 22:33 - 2018-08-16 23:00 - 000000000 ____D C:\ProgramData\Norton
2019-06-29 21:50 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-29 20:47 - 2018-08-16 22:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-29 20:45 - 2018-08-16 22:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-29 20:27 - 2018-08-16 22:25 - 000000000 ____D C:\Windows\system32\Intel
2019-06-29 20:26 - 2018-08-16 22:40 - 000003325 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-29 20:26 - 2018-08-16 22:40 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-29 20:23 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-28 23:25 - 2018-08-16 22:48 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-06-28 23:25 - 2018-08-16 22:30 - 000003176 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:30 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002786 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:29 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-28 23:25 - 2018-08-16 22:14 - 000002770 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2

==================== Files in the root of some directories ================

2019-06-29 22:22 - 2019-06-29 22:22 - 007942656 _____ () C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000054272 _____ () C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000070992 _____ () C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000140800 _____ () C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 002039541 _____ () C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000005568 _____ () C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 22:22 - 2019-06-29 22:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 22:22 - 2019-06-29 22:22 - 000722944 _____ () C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 22:22 - 2019-06-29 22:22 - 000072787 _____ () C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 22:22 - 2019-06-29 22:22 - 000032038 _____ () C:\Users\j_raj\AppData\Local\uninstall_temp.ico

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2019
Ran by j_raj (30-06-2019 09:20:01)
Running from C:\Users\j_raj\Desktop
Windows 10 Home Version 1803 17134.81 (X64) (2019-06-28 22:26:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1459309241-3523518997-2302554534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1459309241-3523518997-2302554534-503 - Limited - Disabled)
Guest (S-1-5-21-1459309241-3523518997-2302554534-501 - Limited - Disabled)
j_raj (S-1-5-21-1459309241-3523518997-2302554534-1001 - Administrator - Enabled) => C:\Users\j_raj
WDAGUtilityAccount (S-1-5-21-1459309241-3523518997-2302554534-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ce28f51d-8881-481e-a776-0052065f05f0}) (Version: 20.50.2 - Intel Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
SafeFinder (HKLM-x32\...\{A9233103-267B-4DD6-B644-C3C94B1C227C}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxDTCM.dll [2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2019-06-29 22:21 - 2019-06-29 22:21 - 000698368 _____ () [File not signed] C:\Program Files (x86)\Google\Chrome\Application\WINMM.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-06-29 22:37 - 000000054 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DFA93940-8EB8-4A57-8A3B-D2EE46327B12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C5ACB09-66F7-4B0B-9467-BBAF0ECCAEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{202EBFAD-5114-4CEB-869A-B6EA6C6001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{07FA4CAB-2A9E-4568-BD65-EB58BE40F80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A3FC01-12AB-4170-B594-DC42B021C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC3223C8-2F67-4EB7-BA7D-10AC05AA373F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{41C3F41E-B198-4535-8683-6BD7AA2FDC80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [{60F0B725-8128-49E7-92B0-051817F98238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4C98EA4-F3AF-405E-AFC1-889DDCC7863E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85365AE4-E307-4C06-903C-0DDC029CCC83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F0688C-3525-453B-99E7-B56FC84E5B5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6B53094-2CEB-442A-A612-844C00C0A852}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3E69E79-C453-4B67-B766-C0FA6BB67683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79520803-3080-4DFD-B1C4-4CF9E919612B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44F3A0EC-115B-480F-A568-2DB778821267}] => (Allow) C:\Windows\rss\csrss.exe No File
FirewallRules: [{72716457-24DC-43C7-AE2A-7A0056B69E99}] => (Allow) C:\Users\j_raj\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2019 08:46:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 08:46:43 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 08:46:42 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/29/2019 10:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 3.1.8002.0, time stamp: 0x5aff9afe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffd9e947598
Faulting process id: 0x263c
Faulting application start time: 0x01d52eb39b5de97a
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: unknown
Report Id: 01af517b-5967-4747-900d-d1a82e19f84b
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/29/2019 10:40:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Acer.CareCenter.ACCStd.MainWindow.Window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Application.DoShutdown()
   at System.Windows.Application.ShutdownImpl()
   at System.Windows.Application.ShutdownCallback(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at ACCStd.App.Main()

Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)

Error: (06/29/2019 10:23:19 PM) (Source: ESENT) (EventID: 333) (User: )
Description: wmydybde (12948,D,100) d: The database [C:\Program Files (x86)\ZAfx\d] version 1568.60.140 is higher than the maximum version configured by the application 1568.20.0. Current engine format version parameter setting: 0x40000001 (JET_efvUseEngineDefault)

Error: (06/29/2019 09:54:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/30/2019 09:15:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:07:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:06:28 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:41 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:05:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv04.dll

Error: (06/30/2019 09:04:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\system32\IntelWifiIhv04.dll


Windows Defender:
===================================
Date: 2019-06-30 09:10:17.453
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.07 05/25/2018
Motherboard: KBL Strongbow_KL
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 42%
Total physical RAM: 8076.47 MB
Available physical RAM: 4608.02 MB
Total Virtual: 9996.47 MB
Available Virtual: 6149.58 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:424.32 GB) NTFS

\\?\Volume{6d13d745-41ce-400b-8e87-a56a6428b06f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{d93cd461-1702-44de-8de8-506f86aa1d6f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C21053F6)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Northon Detect [Multitimer] and more

Posted: 30 Jun 2019 11:13
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Northon Detect [Multitimer] and more

Posted: 30 Jun 2019 12:17
by Mikos

Code:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-28.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-30-2019
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted       C:\Users\Public\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9822 octets] - [30/06/2019 10:03:11]
AdwCleaner[C00].txt - [8504 octets] - [30/06/2019 10:03:30]
AdwCleaner[S01].txt - [1520 octets] - [30/06/2019 10:04:33]
AdwCleaner[C01].txt - [1668 octets] - [30/06/2019 10:04:42]
AdwCleaner[S02].txt - [1642 octets] - [30/06/2019 13:08:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Northon Detect [Multitimer] and more

Posted: 30 Jun 2019 14:08
by Rudy
Please post new FRST + Addition logs.

Re: Northon Detect [Multitimer] and more

Posted: 01 Jul 2019 20:23
by Mikos

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2019
Ran by j_raj (administrator) on LAPTOP-O4MKONJ4 (Acer Swift SF314-54G) (01-07-2019 21:21:04)
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nortonsecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.15.0.88\nswscsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-04-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18570424 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1537312 2018-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993192 2019-06-11] (Google LLC -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-29] (Google LLC -> Google LLC)
InternetURL: C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BznMMQqmAG.url -> 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35fdeadb-438c-46d1-acbb-adbd7fa72440}: [DhcpNameServer] 172.10.128.12
Tcpip\..\Interfaces\{dc0c5038-4372-49f4-b4f6-4e529e1c9abe}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NGC&pvid=22.14.1.6
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: sij380ty.default
FF ProfilePath: C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default [2019-07-01]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\abb-acer@amazon.com [2019-06-29] [hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\langpack-en-US@firefox.mozilla.org [2019-06-29]
FF Extension: (Mozilla Partner Defaults) - C:\Users\j_raj\AppData\Roaming\Mozilla\Firefox\Profiles\sij380ty.default\Extensions\partnerdefaults@mozilla.com [2019-06-29] [Legacy]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default [2019-07-01]
CHR Extension: (Prezentace) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-29]
CHR Extension: (Dokumenty) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-29]
CHR Extension: (Disk Google) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-29]
CHR Extension: (YouTube) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-29]
CHR Extension: (Tabulky) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-29]
CHR Extension: (Gmail) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\j_raj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.15.0.88\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-25] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-17] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [230528 2018-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-20] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.16.2.22\NortonSecurity.exe [328648 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 nsWscSvc; C:\Program Files\Norton Security\Engine\22.15.0.88\nsWscSvc.exe [913128 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-20] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-17] (Acer Incorporated -> Acer Incorporated)
S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\BASHDefs\20190625.002\BHDrvx64.sys [1935880 2019-06-25] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\system32\drivers\NGCx64\1610020.016\ccSetx64.sys [189120 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-29] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 ETDI2C; C:\Windows\System32\drivers\ETDI2C.sys [218184 2017-11-16] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [906216 2018-04-25] (Intel Corporation -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69096 2018-04-25] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-01-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.14.1.6\Definitions\IPSDefs\20190628.061\IDSvia64.sys [1441800 2019-06-28] (Symantec Corporation -> Symantec Corporation)
R3 IntcDMic; C:\Windows\system32\DRIVERS\IntcDMic.sys [678008 2018-11-09] (Intel(R) Smart Sound Technology -> Intel(R) Corporation)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8709656 2018-06-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvac.inf_amd64_2fc0d3600c3c3d39\nvlddmkm.sys [17036560 2018-01-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [421312 2017-10-18] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NGCx64\160F000.058\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NGCx64\1610020.016\SRTSPX64.SYS [49648 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1610020.016\SYMEFASI64.SYS [1969328 2018-11-03] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1610020.016\SymELAM.sys [25744 2018-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-08-17] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NGCx64\1610020.016\Ironx64.SYS [308416 2018-11-03] (Symantec Corporation -> Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NGCx64\160F000.058\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\Drivers\NGCx64\160F000.058\wpCtrlDrv.sys [1002840 2018-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-01 21:19 - 2019-07-01 21:19 - 000000000 ____D C:\Users\j_raj\Desktop\FRST-OlderVersion
2019-07-01 18:42 - 2019-07-01 18:42 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-01 18:42 - 2019-07-01 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-30 14:13 - 2019-06-30 14:13 - 000000000 ____D C:\Users\j_raj\Documents\Custom Office Templates
2019-06-30 13:37 - 2019-07-01 18:30 - 000000000 ___RD C:\Users\j_raj\Google Drive
2019-06-30 13:37 - 2019-06-30 13:37 - 000001768 _____ C:\Users\j_raj\Desktop\Google Drive.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-06-30 13:35 - 2019-06-30 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-06-30 13:35 - 2019-06-30 13:35 - 000000000 ____D C:\Program Files\Google
2019-06-30 13:33 - 2019-06-30 13:33 - 001151544 _____ (Google LLC) C:\Users\j_raj\Downloads\installbackupandsync.exe
2019-06-30 10:54 - 2019-06-30 10:54 - 000055190 _____ C:\Users\j_raj\Documents\cc_20190630_095409.reg
2019-06-30 10:51 - 2019-06-30 10:51 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-30 10:51 - 2019-06-30 10:51 - 000002888 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-30 10:51 - 2019-06-30 10:51 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-30 10:51 - 2019-06-30 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-30 10:51 - 2019-06-30 10:51 - 000000000 ____D C:\Program Files\CCleaner
2019-06-30 10:50 - 2019-06-30 10:50 - 020650160 _____ (Piriform Software Ltd) C:\Users\j_raj\Downloads\ccsetup559.exe
2019-06-30 10:47 - 2019-07-01 18:33 - 000004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{814DDB56-74B0-40C5-98BD-DA078CBCE763}
2019-06-30 10:47 - 2019-06-30 10:47 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Macromedia
2019-06-30 10:18 - 2019-07-01 21:21 - 000023795 _____ C:\Users\j_raj\Desktop\FRST.txt
2019-06-30 10:17 - 2019-07-01 21:20 - 000000000 ____D C:\FRST
2019-06-30 10:02 - 2019-06-30 10:03 - 000000000 ____D C:\AdwCleaner
2019-06-30 10:02 - 2019-06-30 10:02 - 007025360 _____ (Malwarebytes) C:\Users\j_raj\Downloads\adwcleaner_7.3.exe
2019-06-30 10:01 - 2019-06-30 17:16 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-30 09:58 - 2019-07-01 21:19 - 002419200 _____ (Farbar) C:\Users\j_raj\Desktop\FRST64.exe
2019-06-30 09:56 - 2019-06-30 09:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-30 09:24 - 2019-06-30 09:24 - 000000000 ____D C:\Users\j_raj\AppData\Local\OneDrive
2019-06-30 09:24 - 2019-06-30 09:24 - 000000000 ____D C:\Program Files\UNP
2019-06-29 23:40 - 2019-06-30 10:53 - 000000000 ____D C:\Users\j_raj\AppData\Local\CrashDumps
2019-06-29 23:37 - 2019-06-29 23:37 - 000001222 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2019-06-29 23:33 - 2019-06-30 09:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\NPE
2019-06-29 23:33 - 2019-06-29 23:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\DBG
2019-06-29 23:29 - 2019-06-29 23:29 - 000000000 ____D C:\Users\j_raj\AppData\Local\D3DSCache
2019-06-29 23:23 - 2019-07-01 07:54 - 000000000 ____D C:\Program Files\3UECHMM28T
2019-06-29 23:23 - 2019-06-29 23:40 - 000000000 ____D C:\Program Files (x86)\ZAfx
2019-06-29 23:23 - 2019-06-29 23:23 - 000825856 _____ C:\Default.xml
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Mozilla
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Mozilla
2019-06-29 23:23 - 2019-06-29 23:23 - 000000000 ____D C:\Users\j_raj\AppData\Local\Mozilla
2019-06-29 23:22 - 2019-06-29 23:22 - 007942656 _____ C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 002039541 _____ C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000722944 _____ C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 23:22 - 2019-06-29 23:22 - 000140800 _____ C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000072787 _____ C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000070992 _____ C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000054272 _____ C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000005568 _____ C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000000000 ____D C:\Users\j_raj\AppData\Local\AdvinstAnalytics
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WinRAR
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 23:21 - 2019-06-29 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-06-29 23:20 - 2019-06-29 23:21 - 000000000 ____D C:\Program Files\WinRAR
2019-06-29 23:20 - 2019-06-29 23:20 - 003145336 _____ (Alexander Roshal) C:\Users\j_raj\Downloads\winrar-x64-571.exe
2019-06-29 22:55 - 2019-06-29 22:55 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Skype
2019-06-29 22:54 - 2019-06-29 23:10 - 2050560300 _____ C:\Users\j_raj\Downloads\Microsoft Office Professional Plus 2019 v1812 Build 11126.20188 January 2019 (x86+x64).rar
2019-06-29 22:50 - 2019-07-01 18:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-29 22:50 - 2019-06-29 22:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-06-29 22:25 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\LocalLow\Adobe
2019-06-29 22:24 - 2019-07-01 21:20 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-29 22:23 - 2019-07-01 21:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-29 22:23 - 2019-06-29 22:23 - 000002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-06-29 22:22 - 2019-06-29 22:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-06-29 22:20 - 2019-07-01 05:12 - 000000000 ____D C:\ProgramData\Adobe
2019-06-29 22:19 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\Adobe
2019-06-29 22:18 - 2019-06-29 22:38 - 3549376512 _____ C:\Users\j_raj\Downloads\Microsoft Office 2019 ProPlus EN.iso
2019-06-29 21:55 - 2019-06-29 22:02 - 000000000 ____D C:\Users\j_raj\AppData\Local\Comms
2019-06-29 21:49 - 2019-06-30 13:09 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-29 21:49 - 2019-06-30 13:09 - 000002352 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-29 21:48 - 2019-06-30 13:35 - 000000000 ____D C:\Users\j_raj\AppData\Local\Google
2019-06-29 21:48 - 2019-06-29 21:48 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-29 21:48 - 2019-06-29 21:48 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-29 21:48 - 2019-06-29 21:48 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel Corporation
2019-06-29 21:48 - 2019-06-29 21:48 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-29 21:47 - 2019-06-30 10:38 - 000000000 ___RD C:\Users\j_raj\OneDrive
2019-06-29 21:47 - 2019-06-29 21:47 - 000003380 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459309241-3523518997-2302554534-1001
2019-06-29 21:47 - 2019-06-29 21:47 - 000000000 ____D C:\Users\j_raj\AppData\Local\PlaceholderTileLogoFolder
2019-06-29 21:46 - 2019-07-01 18:33 - 000000000 ____D C:\Users\j_raj\AppData\Local\NVIDIA Corporation
2019-06-29 21:46 - 2019-06-29 21:46 - 000000000 ____D C:\Windows\oem
2019-06-29 21:45 - 2019-07-01 19:36 - 000000000 ____D C:\Users\j_raj\AppData\Local\Packages
2019-06-29 21:45 - 2019-07-01 18:30 - 000000000 __SHD C:\Users\j_raj\IntelGraphicsProfiles
2019-06-29 21:45 - 2019-06-30 09:39 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\WildTangent
2019-06-29 21:45 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Adobe
2019-06-29 21:45 - 2019-06-29 22:25 - 000000000 ____D C:\Users\j_raj\AppData\Local\ConnectedDevicesPlatform
2019-06-29 21:45 - 2019-06-29 21:46 - 000000000 ____D C:\Users\j_raj\AppData\Local\Intel
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___RD C:\Users\j_raj\3D Objects
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___HD C:\Users\j_raj\MicrosoftEdgeBackups
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ___HD C:\ProgramData\O949
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Roaming\Intel
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\VirtualStore
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\Publishers
2019-06-29 21:45 - 2019-06-29 21:45 - 000000000 ____D C:\Users\j_raj\AppData\Local\MicrosoftEdge
2019-06-29 21:38 - 2019-06-30 13:37 - 000000000 ____D C:\Users\j_raj
2019-06-29 21:38 - 2019-06-29 21:47 - 000002371 _____ C:\Users\j_raj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-29 21:38 - 2019-06-29 21:38 - 000000020 ___SH C:\Users\j_raj\ntuser.ini
2019-06-29 21:26 - 2019-06-29 21:26 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-29 21:25 - 2019-06-29 21:26 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-29 00:25 - 2019-06-29 00:25 - 000000000 _SHDL C:\Documents and Settings

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-01 21:19 - 2018-08-16 23:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-01 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-01 19:14 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2019-07-01 18:43 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2019-07-01 18:33 - 2018-08-16 23:29 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-01 07:52 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2019-06-30 16:45 - 2018-08-17 00:00 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-30 13:14 - 2018-08-16 23:17 - 001692472 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-30 13:14 - 2018-04-28 20:50 - 000718734 _____ C:\Windows\system32\perfh005.dat
2019-06-30 13:14 - 2018-04-28 20:50 - 000145494 _____ C:\Windows\system32\perfc005.dat
2019-06-30 13:10 - 2018-08-16 23:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-30 13:09 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-30 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-06-30 10:53 - 2018-08-17 00:04 - 000000000 ____D C:\Windows\Panther
2019-06-30 10:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 10:09 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-30 10:03 - 2018-04-12 01:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-30 09:49 - 2018-08-16 23:48 - 000000000 ____D C:\ProgramData\OEM
2019-06-30 09:47 - 2018-08-16 23:48 - 000000000 ____D C:\ProgramData\Acer
2019-06-30 09:47 - 2018-04-28 06:48 - 000000000 ___HD C:\OEM
2019-06-30 09:40 - 2018-08-16 23:57 - 000000000 ____D C:\ProgramData\WildTangent
2019-06-30 09:40 - 2018-08-16 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2019-06-29 23:40 - 2018-08-16 23:05 - 000404904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-29 23:33 - 2018-08-17 00:00 - 000000000 ____D C:\ProgramData\Norton
2019-06-29 22:50 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-29 21:47 - 2018-08-16 23:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-06-29 21:45 - 2018-08-16 23:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-29 21:27 - 2018-08-16 23:25 - 000000000 ____D C:\Windows\system32\Intel
2019-06-29 21:26 - 2018-08-16 23:40 - 000003325 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2019-06-29 21:26 - 2018-08-16 23:40 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-29 21:26 - 2018-08-16 23:40 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-29 21:23 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2019-06-29 00:25 - 2018-08-16 23:48 - 000004302 _____ C:\Windows\System32\Tasks\Software Update Application
2019-06-29 00:25 - 2018-08-16 23:30 - 000003176 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:30 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002786 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:29 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-29 00:25 - 2018-08-16 23:14 - 000002770 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2

==================== Files in the root of some directories ================

2019-06-29 23:22 - 2019-06-29 23:22 - 007942656 _____ () C:\Users\j_raj\AppData\Local\agent.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000054272 _____ () C:\Users\j_raj\AppData\Local\ApplicationHosting.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000070992 _____ () C:\Users\j_raj\AppData\Local\Config.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000140800 _____ () C:\Users\j_raj\AppData\Local\installer.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 002039541 _____ () C:\Users\j_raj\AppData\Local\Latfax.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\lobby.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000005568 _____ () C:\Users\j_raj\AppData\Local\md.xml
2019-06-29 23:22 - 2019-06-29 23:22 - 000126464 _____ () C:\Users\j_raj\AppData\Local\noah.dat
2019-06-29 23:22 - 2019-06-29 23:22 - 000722944 _____ () C:\Users\j_raj\AppData\Local\sha.db
2019-06-29 23:22 - 2019-06-29 23:22 - 000072787 _____ () C:\Users\j_raj\AppData\Local\SingleRon.tst
2019-06-29 23:22 - 2019-06-29 23:22 - 000032038 _____ () C:\Users\j_raj\AppData\Local\uninstall_temp.ico

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2019
Ran by j_raj (01-07-2019 21:22:09)
Running from C:\Users\j_raj\Desktop
Windows 10 Home Version 1803 17134.81 (X64) (2019-06-28 22:26:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1459309241-3523518997-2302554534-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1459309241-3523518997-2302554534-503 - Limited - Disabled)
Guest (S-1-5-21-1459309241-3523518997-2302554534-501 - Limited - Disabled)
j_raj (S-1-5-21-1459309241-3523518997-2302554534-1001 - Administrator - Enabled) => C:\Users\j_raj
WDAGUtilityAccount (S-1-5-21-1459309241-3523518997-2302554534-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{A8306899-468A-4C8D-B7A7-0787C3956186}) (Version: 3.45.5264.1408 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.4.1041 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ce28f51d-8881-481e-a776-0052065f05f0}) (Version: 20.50.2 - Intel Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.15.0.88 - Symantec Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.2.0_x64__8wekyb3d8bbwe [2019-06-29] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-11] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-11] (Google LLC -> Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-11] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ecc5716c205e60ea\igfxDTCM.dll [2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.15.0.88\buShell.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.15.0.88\NavShExt.dll [2018-08-05] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2019-07-01 18:30 - 2019-07-01 18:30 - 000113664 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_ctypes.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000173568 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_elementtree.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001800192 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_hashlib.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000032256 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_multiprocessing.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000046080 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_psutil_windows.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000047616 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_socket.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 002230784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_ssl.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000026112 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\_yappi.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000080896 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\bz2.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 006277632 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\cello.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000014848 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\common.time34.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000007680 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\hashobjs_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000301568 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\PIL._imaging.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000169472 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pyexpat.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001084416 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pysqlite2._sqlite.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000548864 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pythoncom27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000137728 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\pywintypes27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000010752 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\select.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020992 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\thumbnails_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000689664 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\unicodedata.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000118784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\usb_ext.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000128512 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32api.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000438784 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32com.shell.shell.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000011776 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32crypt.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000023040 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32event.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000149504 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32file.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000223232 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32gui.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000048128 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32inet.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000029696 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32pdh.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000027648 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32pipe.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000044032 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32process.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020480 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32profile.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000136192 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32security.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000026624 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\win32ts.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000034304 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.conditional.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000038400 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.connectivity.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000073216 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.device_monitor.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000110592 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.volumes.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000020480 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\windows.winwrap.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001325056 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._controls_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001489408 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._core_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001007104 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._gdi_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000103424 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._html2.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 000916992 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._misc_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 001039872 _____ () [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wx._windows_.pyd
2019-07-01 18:30 - 2019-07-01 18:30 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\python27.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxbase30u_net_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxbase30u_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_adv_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_core_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_html_vc90_x64.dll
2019-07-01 18:30 - 2019-07-01 18:30 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\j_raj\AppData\Local\Temp\_MEI162722\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2019-06-29 23:37 - 000000054 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DFA93940-8EB8-4A57-8A3B-D2EE46327B12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1C5ACB09-66F7-4B0B-9467-BBAF0ECCAEA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{202EBFAD-5114-4CEB-869A-B6EA6C6001BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{07FA4CAB-2A9E-4568-BD65-EB58BE40F80E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42A3FC01-12AB-4170-B594-DC42B021C41D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC3223C8-2F67-4EB7-BA7D-10AC05AA373F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{60F0B725-8128-49E7-92B0-051817F98238}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4C98EA4-F3AF-405E-AFC1-889DDCC7863E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8F0688C-3525-453B-99E7-B56FC84E5B5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3E69E79-C453-4B67-B766-C0FA6BB67683}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07718990-B78D-4E78-BC24-5B920D6617B4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6999FEDA-7D55-41A4-ADDE-3047E6B88215}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D35E526D-E9B4-4E97-846F-D3E67F2CB4AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2019 07:21:51 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (07/01/2019 07:18:47 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (06/30/2019 04:45:36 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-O4MKONJ4)
Description: httphttp-2147467263

Error: (06/30/2019 09:46:53 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 09:46:43 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/30/2019 09:46:42 AM) (Source: MsiInstaller) (EventID: 11500) (User: LAPTOP-O4MKONJ4)
Description: Product: Care Center -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (06/29/2019 11:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 3.1.8002.0, time stamp: 0x5aff9afe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ffd9e947598
Faulting process id: 0x263c
Faulting application start time: 0x01d52eb39b5de97a
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: unknown
Report Id: 01af517b-5967-4747-900d-d1a82e19f84b
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/29/2019 11:40:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Acer.CareCenter.ACCStd.MainWindow.Window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Application.DoShutdown()
   at System.Windows.Application.ShutdownImpl()
   at System.Windows.Application.ShutdownCallback(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at ACCStd.App.Main()


System errors:
=============
Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Computer Browser service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Auto Time Zone Updater service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Browser service to connect.

Error: (07/01/2019 08:45:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Auto Time Zone Updater service to connect.

Error: (07/01/2019 07:35:39 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-22437607-2858213274-1821620892-3814493774-3337350692-3136916095-4195425740). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 07:31:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2869185864-805672686-958563347-1125664951-3623643158-81981776-3601075226). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 06:30:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O4MKONJ4)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user LAPTOP-O4MKONJ4\j_raj SID (S-1-5-21-1459309241-3523518997-2302554534-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/01/2019 06:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-30 10:10:17.453
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.07 05/25/2018
Motherboard: KBL Strongbow_KL
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 40%
Total physical RAM: 8076.47 MB
Available physical RAM: 4819.18 MB
Total Virtual: 9996.47 MB
Available Virtual: 5843.63 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.82 GB) (Free:422.28 GB) NTFS

\\?\Volume{6d13d745-41ce-400b-8e87-a56a6428b06f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{d93cd461-1702-44de-8de8-506f86aa1d6f}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C21053F6)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Northon Detect [Multitimer] and more

Posted: 01 Jul 2019 21:02
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Northon Detect [Multitimer] and more

Posted: 02 Jul 2019 05:29
by Mikos

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-06-2019
Ran by j_raj (02-07-2019 06:25:49) Run:1
Running from C:\Users\j_raj\Desktop
Loaded Profiles: j_raj (Available Profiles: j_raj)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1459309241-3523518997-2302554534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\LastGood.Tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1459309241-3523518997-2302554534-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\LastGood.Tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29633631 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 10483483 B
Edge => 3597 B
Chrome => 372650890 B
Firefox => 8248894 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1814 B
LocalService => 0 B
NetworkService => 134944456 B
NetworkService => 0 B
j_raj => 205057137 B

RecycleBin => 50458 B
EmptyTemp: => 732.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:26:08 ====

Re: Northon Detect [Multitimer] and more

Posted: 02 Jul 2019 07:50
by Rudy
Deleted; the log should now be OK.

Re: Northon Detect [Multitimer] and more

Posted: 02 Jul 2019 08:19
by Mikos
Thanks a lot! I'll keep watching to see whether anything happens :) (unfortunately it's not my laptop)

Btw, I haven't been on this forum for, phew, 10-15 years, and I'm quite surprised that it still works, and so actively :)

Re: Northon Detect [Multitimer] and more

Posted: 02 Jul 2019 12:37
by Rudy
If everything is in order, nothing more is needed. Over the years only the people here have changed. Some left, others came. But more or less we operate as we did back then. You're welcome! :)