Z-Analyse V1.0.0.6 Updated 03-May-2018 Tool run by filip on Sun 10/10/2021 at 23:05:08.91. Microsoft Windows 10 Home 10.0.19043 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\filip\Desktop\Z-Analyse.exe [Deep Scan] ==== System Restore Info ====================== 10/10/2021 11:05:58 PM Zoek.exe System Restore Point Created Successfully. ==== Running Processes ====================== C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\ASUS Hook\ASUSHookService.exe C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe C:\Program Files (x86)\LightingService\LightingService.exe C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe C:\Program Files (x86)\ASUS\ROG GamePlus\ROGOSDService.exe C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe C:\Program Files (x86)\ASUS\ROG GamePlus\ROG.HookLib.exe C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOSD.exe C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Drivers(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] ==== System Specs ====================== Operating System: Microsoft Windows 10 Home 10.0.19043 64-bit Manufacturer: ASUSTeK COMPUTER INC. - Model: ASUS TUF Gaming A15 FA506IV_FX506IV Install Date: 16/08/2020 9:02:54 AM Last Boot: 2/10/2021 8:54:37 PM Processor: AMD Ryzen 9 4900H with Radeon Graphics Number of Processors: 16 Work Station Bootmode: Normal boot Total RAM: 15789 MB (free 7878 MB - 49) Computername: LAPTOP-NA14KL7P Domain: WORKGROUP User: filip (Administrator account) Local Disk: C:\ - NTFS - 262 GB (free 120 GB) Local Disk: D:\ - NTFS - 195 GB (free 104 GB) Bootdevice: \Device\HarddiskVolume1 Windows update: Country: Australia Language: ENA ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: McAfee VirusScan On-access scanning disabled (Outdated) Anti-Virus: COMODO Antivirus On-access scanning disabled (Outdated) Anti-Virus: Kaspersky Total Security On-access scanning disabled (Outdated) Firewall: Kaspersky Total Security disabled Firewall: McAfee Firewall disabled Internet Explorer Version: 11.789.19041.0 Google Chrome version: 94.0.4606.71 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2021-09-18 09:44:04 6BE0C03FDF70476959B6BF38A5924A34 4850432 ----a-w- C:\WINDOWS\explorer.exe 2021-09-18 09:44:03 E313EE48E2FB2098C3F87525B37322BD 136192 ----a-w- C:\WINDOWS\splwow64.exe 2021-09-18 09:44:03 820B97429E4153A743708B376807EE69 81408 ----a-w- C:\WINDOWS\bfsvc.exe ====== C:\Users\filip\AppData\Local\Temp ==== 2021-10-10 12:05:05 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Users\filip\AppData\Local\Temp\unzip.exe 2021-10-10 12:05:05 3304FDFB4F7424B385C308B812FB019C 71680 ----a-w- C:\Users\filip\AppData\Local\Temp\ZAScan.exe 2021-10-10 12:05:05 1A3F82F420340222F13C5633AEB716D6 533851 ----a-w- C:\Users\filip\AppData\Local\Temp\sr.exe 2021-10-05 10:06:13 F7BD21C4170B1397EB098FA18EF45D4B 234320 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\UnattendProvider.dll 2021-10-05 10:06:13 DB4C3A07A1D3A45AF53A4CF44ED550AD 153424 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\OSProvider.dll 2021-10-05 10:06:13 C6488A9B3569230669C72F3239CBC108 573752 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\VhdProvider.dll 2021-10-05 10:06:13 AD7BBB62335F6DC36214D8C9FE1AACA0 252752 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\SmiProvider.dll 2021-10-05 10:06:13 9CD7292CCA75D278387D2BDFB940003C 186704 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\OfflineSetupProvider.dll 2021-10-05 10:06:13 9A760DDC9FDCA758501FAF7E6D9EC368 212792 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\MsiProvider.dll 2021-10-05 10:06:13 8BD67D87DBDCF881FB9C1F4F6BF83F46 797512 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\SysprepProvider.dll 2021-10-05 10:06:13 84AE9659E8D28C2BD19D45DBE32B6736 1337680 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\TransmogProvider.dll 2021-10-05 10:06:13 815A4E7A7342224A239232F2C788D7C0 79184 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\LogProvider.dll 2021-10-05 10:06:13 70C34975E700A9D7E120AAECF9D8F14B 771920 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\ProvProvider.dll 2021-10-05 10:06:13 229DF404D67E69E57F9E284A66F2ADEB 603472 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\WimProvider.dll 2021-10-05 10:06:13 1AE66F4524911B2728201FFF6776903C 163656 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\SetupPlatformProvider.dll 2021-10-05 10:06:12 EF7E2760C0A24453FC78359AEA3D7869 153416 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\GenericProvider.dll 2021-10-05 10:06:12 EA8488990B95CE4EF6B4E210E0D963B2 425800 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DmiProvider.dll 2021-10-05 10:06:12 E5D5E9C1F65B8EC7AA5B7F1B1ACDD731 146256 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DismHost.exe 2021-10-05 10:06:12 DF785C5E4AACAEE3BD16642D91492815 633856 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\FfuProvider.dll 2021-10-05 10:06:12 B1F793773DC727B4AF1648D6D61F5602 411984 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DismCore.dll 2021-10-05 10:06:12 A7927846F2BD5E6AB6159FBE762990B1 567624 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\AppxProvider.dll 2021-10-05 10:06:12 A033F16836D6F8ACBE3B27B614B51453 187920 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DismCorePS.dll 2021-10-05 10:06:12 94DC379AA020D365EA5A32C4FAB7F6A3 115528 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\AssocProvider.dll 2021-10-05 10:06:12 6AD0376A375E747E66F29FB7877DA7D0 896848 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\CbsProvider.dll 2021-10-05 10:06:12 510E132215CEF8D09BE40402F355879B 303952 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\IntlProvider.dll 2021-10-05 10:06:12 4F3250ECB7A170A5EB18295AA768702D 61264 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\FolderProvider.dll 2021-10-05 10:06:12 490BE3119EA17FA29329E77B7E416E80 261456 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DismProv.dll 2021-10-05 10:06:12 35E989A1DF828378BAA340F4E0B2DFCB 224080 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\ImagingProvider.dll 2021-10-05 10:06:12 120F0A2022F423FC9AADB630250F52C4 60744 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\IBSProvider.dll 2021-10-05 08:33:54 D6CEE311A93CF2C070D74E1B357A2ED7 9728 ----a-w- C:\Users\filip\AppData\Local\Temp\SDIAG_16b717b2-8521-46af-af0d-9efa492632b7\NetworkDiagnosticSnapIn.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2021-10-01 10:45:56 48BA9C6110A5EBA910E7FB2E7D23CFC1 110176 ----a-w- C:\WINDOWS\Sysnative\klfphc.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2021-10-02 08:38:43 4B7375F07C9B7E520AB042CE9EC0F9ED 159864 ----a-w- C:\WINDOWS\Sysnative\drivers\ssudbus2.sys 2021-10-02 08:38:42 DB1FA4DDD8641E5631969744695DA856 167280 ----a-w- C:\WINDOWS\Sysnative\drivers\ssudmdm.sys 2021-10-01 10:56:08 3B39DDC8923390F580DFA6A90FD4E7BB 315032 ----a-w- C:\WINDOWS\Sysnative\drivers\klupd_klif_klark.sys 2021-10-01 10:46:08 ED9136568D6463C1C570CF0E3AA95879 113952 ----a-w- C:\WINDOWS\Sysnative\drivers\klupd_klif_klbg.sys 2021-10-01 10:46:07 7C26E231D8467114CDDF023653AFB7CB 265176 ----a-w- C:\WINDOWS\Sysnative\drivers\klupd_klif_arkmon.sys 2021-10-01 10:46:07 63D22BD8CE65CE9D83E1803201C3F026 225648 ----a-w- C:\WINDOWS\Sysnative\drivers\klupd_klif_mark.sys 2021-10-01 10:45:47 9510130F04E3147BC284D5F5E2898B5D 514840 ----a-w- C:\WINDOWS\Sysnative\drivers\klflt.sys 2021-10-01 10:45:47 0E0B98C867F6D5F273F65F2F7FA194E3 1042712 ----a-w- C:\WINDOWS\Sysnative\drivers\klif.sys 2021-09-18 09:45:07 3FF3CB8A40AD39E7CD9E7224C448CEB1 93128 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpfve.sys 2021-09-18 09:44:41 9E21E784F824365AAA77582917BCFBF1 95056 ----a-w- C:\WINDOWS\Sysnative\drivers\hvservice.sys 2021-09-18 09:44:40 2A8B28579A4964AA7EA8CEB1AC121243 117584 ----a-w- C:\WINDOWS\Sysnative\drivers\tdx.sys 2021-09-18 09:44:20 E3B4E7C2BF8327952C33E43C018C8157 265016 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2021-09-18 09:44:20 D69ACB8D64F8AF665A623D91342FFC16 142136 ----a-w- C:\WINDOWS\Sysnative\drivers\tm.sys 2021-09-18 09:44:20 C82F6B54C60A02D861E584EF38B48D1D 577872 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2021-09-18 09:44:20 C068EE092DC1016095AA9FA42AD4DC11 407368 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2021-09-18 09:44:20 774A4AA0581A6189D15BEFD871FF6561 456008 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys 2021-09-18 09:44:20 089C111730B5B8E89889755CE5868D2D 787968 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2021-09-18 09:44:19 EDDD649EEB49C71280FC3D26962B2B28 2851656 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2021-09-18 09:44:19 9D6EB4482D7D0522C707CBA1972F1D9D 2991944 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2021-09-18 09:44:19 56508C1A5793E24A700EC69C52A69348 655176 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2021-09-18 09:44:19 51736840042C0399F9CDAFB437EC2A88 502600 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2021-09-18 09:44:19 4DAC4DB000D687ACE61867FAC3F75D35 208384 ----a-w- C:\WINDOWS\Sysnative\drivers\NetAdapterCx.sys 2021-09-18 09:44:19 2F6801C0221C238542BF421ED052CDC3 423760 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2021-09-18 09:44:18 7248B9EC3611EEDCE60E589CEBF54301 746912 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2021-09-18 09:44:18 0B9F69EC21F804F2A57FA4526728920F 180024 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2021-09-18 09:44:17 416B0938189ED0D4A8B5BBBE3F045269 39760 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2021-09-18 09:44:16 A65AEA3C4C86DE79DDBF9CDCB9FA0276 18432 ----a-w- C:\WINDOWS\Sysnative\drivers\applockerfltr.sys 2021-09-18 09:44:16 5646BAFD03F9780676ECD0AD69D4B090 2004808 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2021-09-18 09:44:16 4931A58BA0CF34686D89D97C2B114D05 214840 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2021-09-18 09:44:11 750C2A0C888CEAD380A807C66D2858FF 98816 ----a-w- C:\WINDOWS\Sysnative\drivers\cimfs.sys 2021-09-18 09:44:08 C9628EA80CDD45D661554FC238037220 902984 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2021-09-18 09:44:08 9AD94F7955EE9F63B251B1B6744EF3C2 1092424 ----a-w- C:\WINDOWS\Sysnative\drivers\ClipSp.sys 2021-09-18 09:44:08 8DC5C4FC42CE1C8931EA1394F617DBDC 454992 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2021-09-18 09:44:08 77B81FD13616A2C5C3874D2DF4E1F169 3814216 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2021-09-18 09:44:04 C111EE25F5130811A398B1F1496AD1C1 77824 ----a-w- C:\WINDOWS\Sysnative\drivers\vwififlt.sys 2021-09-18 09:44:04 935D1CBC538CEB5E5ACC13E91E4E1D84 758272 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2021-09-18 09:44:04 52790EC135BADFBCC4D39DEA9CDF1570 967168 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys 2021-09-18 09:44:03 3C8DE16659AFB2BBEB166EFF23FC309C 715088 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2021-09-18 09:44:03 1A81CD3BBFD58DD960C9F28AE351AD1C 823296 ----a-w- C:\WINDOWS\Sysnative\drivers\PEAuth.sys 2021-09-18 09:44:02 E62AFA2B16CC60C9116A4BAC253F10D7 209920 ----a-w- C:\WINDOWS\Sysnative\drivers\USBAUDIO.sys 2021-09-18 09:44:02 E1377C1DFC1517175746FDBD5CC92084 156488 ----a-w- C:\WINDOWS\Sysnative\drivers\stornvme.sys 2021-09-18 09:44:02 C21F9951C7B603A27FB2C76917024337 81408 ----a-w- C:\WINDOWS\Sysnative\drivers\usbser.sys 2021-09-18 09:44:02 A3049ECE4640E5AFFE995D5110FC4D44 319800 ----a-w- C:\WINDOWS\Sysnative\drivers\usbvideo.sys 2021-09-18 09:44:02 9857AFD79519EFBDD17BD57BE72F5CED 475976 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2021-09-18 09:44:02 96914D0A808F138D19696C9C47BA1769 110592 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2021-09-18 09:44:02 7CD67E281BAAA6FB6509B1383BE5C8A9 22864 ----a-w- C:\WINDOWS\Sysnative\drivers\isapnp.sys 2021-09-18 09:44:02 2FCA9E51CFD11C0734D76013B6493C22 648016 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2021-09-18 09:44:02 22A5C6E660E9FCEE656FDA39A78A6C45 1563136 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2021-09-18 09:44:02 21E956BBFE1CCD78C0CC16A9818402D0 45568 ----a-w- C:\WINDOWS\Sysnative\drivers\BthMini.SYS 2021-09-18 09:44:02 1AF4833EA66C7A508630B60E60739EA2 113664 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2021-09-18 09:44:02 0DCA7449E3BB928B18FF42DBF4F49826 279040 ----a-w- C:\WINDOWS\Sysnative\drivers\BthA2dp.sys 2021-09-18 09:44:02 0C95F1C9D1ABF88CB82E5831E8CCE9AF 20280 ----a-w- C:\WINDOWS\Sysnative\drivers\msisadrv.sys ====== C:\WINDOWS\Tasks ====== 2021-10-01 10:53:12 7480FE292283924C24D886CA0F490917 3192 ----a-w- C:\WINDOWS\Sysnative\Tasks\kpm_tray.exe 2021-10-01 10:46:09 A7EA2DECBC686478698CE2D82BA1DFAB 3240 ----a-w- C:\WINDOWS\Sysnative\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2021-10-01 10:33:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\Sysnative\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2021-10-01 10:46:08 -------- d-----w- C:\Program Files\Common Files\AV ======= C:\PROGRA~2 ===== 2021-10-01 10:45:49 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2021-10-01 10:45:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Kaspersky Lab ======= C: ===== ====== C:\Users\filip\AppData\Roaming ====== 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7177.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7165.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7163.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7161.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c715f.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c715d.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c714c.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c714a.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7148.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7146.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7144.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7132.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7130.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c711f.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c711d.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c711b.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7109.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7107.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7105.tmp 2021-10-02 11:25:41 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2928-23e4-1c7103.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8852.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8850.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b883e.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b883c.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b883a.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8838.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8826.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8824.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8822.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8820.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b881e.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b880d.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b880b.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8809.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8807.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8805.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b87f3.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b87f1.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8782.tmp 2021-10-01 12:06:04 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f9c-f34-2b8780.tmp 2021-10-01 11:02:53 -------- d-----w- C:\Users\filip\AppData\Local\Kaspersky Lab 2021-10-01 10:53:07 -------- d-----w- C:\Users\Default\AppData\Local\Kaspersky Lab 2021-10-01 10:53:07 -------- d-----w- C:\Users\Default User\AppData\Local\Kaspersky Lab 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e62.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e50.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e4e.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e2d.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e1b.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e0a.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72e08.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72df6.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72de5.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72dd3.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72dd1.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72dbf.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72dae.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d9c.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d9a.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d88.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d77.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d65.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d54.tmp 2021-09-26 10:23:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ce0-4124-1a72d42.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6301.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea62f0.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea62de.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea62bd.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea62bb.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea62a9.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6297.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6286.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6284.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6272.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6261.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea624f.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea624d.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea623b.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea622a.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea61da.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea61b8.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea61a7.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6185.tmp 2021-09-22 11:12:43 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4c70-116c-4ea6174.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c3f5.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c3e4.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c3c2.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c3a1.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c38f.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c36e.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c34d.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c33b.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c31a.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c308.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c2f7.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c2e5.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c2c4.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c2b2.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c2a1.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c27f.tmp 2021-09-19 09:59:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c26e.tmp 2021-09-19 09:59:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c24d.tmp 2021-09-19 09:59:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c23b.tmp 2021-09-19 09:59:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b38-5234-472c21a.tmp 2021-09-16 10:27:40 -------- d-----w- C:\Users\filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom ====== C:\Users\filip ====== 2021-10-10 12:04:50 C53B9428817F43D9DCBB85EFD5B5AA9D 2041445 ----a-w- C:\Users\filip\Desktop\Z-Analyse.exe 2021-10-10 12:04:50 294DBD73A55AF616B18771026B499B53 2038755 ----a-w- C:\Users\filip\Desktop\ZA-Scan.exe 2021-10-01 11:38:24 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files 2021-10-01 10:53:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager 2021-10-01 10:45:49 -------- d-----w- C:\ProgramData\Kaspersky Lab ====== C: exe-files == 2021-10-10 12:05:05 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Users\filip\AppData\Local\Temp\unzip.exe 2021-10-10 12:05:05 3304FDFB4F7424B385C308B812FB019C 71680 ----a-w- C:\Users\filip\AppData\Local\Temp\ZAScan.exe 2021-10-10 12:05:05 1A3F82F420340222F13C5633AEB716D6 533851 ----a-w- C:\Users\filip\AppData\Local\Temp\sr.exe 2021-10-10 12:04:50 C53B9428817F43D9DCBB85EFD5B5AA9D 2041445 ----a-w- C:\Users\filip\Desktop\Z-Analyse.exe 2021-10-10 12:04:50 294DBD73A55AF616B18771026B499B53 2038755 ----a-w- C:\Users\filip\Desktop\ZA-Scan.exe 2021-10-10 10:36:04 F40373187E4494F2764CA145A7F9387D 247184 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateCore.exe 2021-10-10 10:36:04 F29AB94BAC11CC4650BEFDB29BFF7372 164240 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeComRegisterShellARM64.exe 2021-10-10 10:36:04 EEF652991949DB1FC0D738F520E67551 101264 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateBroker.exe 2021-10-10 10:36:04 51E7979AE4FA5381E5020B423CDA7947 1777056 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateSetup.exe 2021-10-10 10:36:04 3DACF7CC11DE65C60616DC29C41397BE 208784 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateComRegisterShell64.exe 2021-10-10 10:36:04 26EFCA27BD20C6E20B545AEE72277947 101264 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateOnDemand.exe 2021-10-10 10:36:04 0F11E6717C1FE6DD20AE2D12F63AF3F7 214928 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdate.exe 2021-10-10 10:36:03 51E7979AE4FA5381E5020B423CDA7947 1777056 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.153.47\MicrosoftEdgeUpdateSetup_X86_1.3.153.47.exe 2021-10-10 10:34:28 F81C6127246BC03EBF27602D4DD9E5D0 4103280 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\officesvcmgr.exe 2021-10-10 10:34:28 3CF4213C2DE5B3C50218DCCF68E23AF6 9250696 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\OfficeClickToRun.exe 2021-10-10 10:34:27 B8C2662506EDBCE24EA549C8B7B006CF 266720 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\AppVShNotify.exe 2021-10-10 10:34:27 B689C9D029217426FD5B9B51AC3EF2F8 3222984 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\IntegratedOffice.exe 2021-10-10 10:34:27 A2B4A7CE1E127D97273D21C9BA0D6D69 46912 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\InspectorOfficeGadget.exe 2021-10-10 10:34:27 91F58CC9DB0169D917E8F5BE3EE6BC8A 193992 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\MavInject32.exe 2021-10-10 10:34:27 89822E5CE987313EC93968AC28099A8D 21976976 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\OfficeC2RClient.exe 2021-10-10 10:34:27 22BE39F8EC061CBE83A703AA520B0304 1618368 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\appvcleaner.exe 2021-10-08 08:50:55 A09A665E0F61D4B18364DB7271D8765D 47976296 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\OneDriveSetup.exe 2021-10-08 08:50:53 DDD11D2C2D770C2F2B66CC0D923B8C58 57208 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\OneDriveFileLauncher.exe 2021-10-08 08:50:53 D4FB95AAB2A3C83A265C224D16977F1D 725368 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\Microsoft.SharePoint.exe 2021-10-08 08:50:53 D359EDEBF94B0F3F8C415538CF7073AF 3249520 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\FileSyncHelper.exe 2021-10-08 08:50:53 C66B70BB1A2C836563F87C4F4F7BEAF9 753528 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\FileCoAuth.exe 2021-10-08 08:50:53 63583E7C5BC53D13C0901BA679C81449 3718016 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe 2021-10-08 08:50:53 50164E92F92162571A4C185091E55B9B 34168 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\Microsoft.SharePoint.NativeMessagingClient.exe 2021-10-08 08:50:53 07A714E0B1C538F1A45BC643CC0E07B4 633200 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\FileSyncConfig.exe 2021-10-08 08:50:44 00540C354B68739469B417FC29C9646A 309616 ----a-w- C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\Cache\vapm_686828760\vapmhst.exe 2021-10-07 10:07:28 5499385E5D952A9EBB99F30B7E7FC58F 439496 ----a-w- C:\Users\filip\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2021-10-07 10:07:28 3A56B417F928345BA7ECE5C4A259B086 517840 ----a-w- C:\Users\filip\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2021-10-05 10:06:12 E5D5E9C1F65B8EC7AA5B7F1B1ACDD731 146256 ----a-w- C:\Users\filip\AppData\Local\Temp\6195F7FC-513C-4443-984B-8D56C416C701\DismHost.exe 2021-10-05 08:17:01 FCD2EE4380B880572DFF3E6313808811 404496 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusCrashHandler64.exe 2021-10-05 08:17:01 E40213258ABF5A2A175408DAE86CC22F 240144 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdateCore.exe 2021-10-05 08:17:01 DDA4F288C3CD1A0BE256F5746C5E1228 100880 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdateBroker.exe 2021-10-05 08:17:01 C46CE8B97C9BDD0BF9AAECFE022974BB 100880 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdateOnDemand.exe 2021-10-05 08:17:01 BE661E7E9D0EED88020D2089B6E759A2 30312 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\Get-AppxVersion.exe 2021-10-05 08:17:01 98345590AAD1F22F8A5E76881A82BE21 185872 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdateComRegisterShell64.exe 2021-10-05 08:17:01 853CB48E49E8BC9815EE006DA3FA71B8 1640976 ----a-w- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdateSetup.exe 2021-10-05 08:17:01 7668854556981F6621DAE5E23A865D38 314384 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusCrashHandler.exe 2021-10-05 08:17:01 73776F48747426E18E0C95B0A27D4578 903552 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdater.exe 2021-10-05 08:17:01 59FD53156755B1D06A6FC6DD18853C87 158224 ----atw- C:\Program Files (x86)\ASUS\Update\1.3.107.59\AsusUpdate.exe 2021-10-05 08:14:08 AB01F856C10A040B823BD9EDD0E10482 3231336 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\94.0.4606.71\94.0.4606.71_94.0.4606.61_chrome_updater.exe 2021-10-04 00:04:56 C0E95BE6C8F53B74D2401D09835DBD22 2812816 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\Installer\setup.exe 2021-10-04 00:04:56 C0E95BE6C8F53B74D2401D09835DBD22 2812816 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\Installer\setup.exe 2021-10-04 00:04:56 54DD3714B959BD76354237CA4B18488E 1086856 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\pwahelper.exe 2021-10-04 00:04:56 54DD3714B959BD76354237CA4B18488E 1086856 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\pwahelper.exe 2021-10-04 00:04:56 519E117BAEB8D197851543DAE4D33DE3 1127312 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\msedge_proxy.exe 2021-10-04 00:04:56 519E117BAEB8D197851543DAE4D33DE3 1127312 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\msedge_proxy.exe 2021-10-04 00:04:56 4E1FA112027430003B958B55DAEE2E17 1615248 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\msedge_pwa_launcher.exe 2021-10-04 00:04:56 4E1FA112027430003B958B55DAEE2E17 1615248 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\msedge_pwa_launcher.exe 2021-10-04 00:04:56 498FD380D1197EB9C65C8C30DE6CD165 1329040 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\notification_helper.exe 2021-10-04 00:04:56 498FD380D1197EB9C65C8C30DE6CD165 1329040 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\notification_helper.exe 2021-10-04 00:04:56 088423FC372B4D65093D5A5E58E9D829 2919312 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\msedgewebview2.exe 2021-10-04 00:04:56 088423FC372B4D65093D5A5E58E9D829 2919312 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\msedgewebview2.exe 2021-10-04 00:04:55 16C4C388F84EADD55634C2147E36CE64 3379088 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\msedge.exe 2021-10-04 00:04:55 16C4C388F84EADD55634C2147E36CE64 3379088 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\msedge.exe 2021-10-04 00:04:54 E77B6CB54DAEC3D24C95C5369AF45997 1114000 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\identity_helper.exe 2021-10-04 00:04:54 E77B6CB54DAEC3D24C95C5369AF45997 1114000 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\identity_helper.exe 2021-10-04 00:04:54 96E82FF84C64F08C00A8D1C4716B3D31 1656720 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\elevation_service.exe 2021-10-04 00:04:54 96E82FF84C64F08C00A8D1C4716B3D31 1656720 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\elevation_service.exe 2021-10-04 00:04:54 19B82107D6F88FECFCE9BDA4A3041D33 483216 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\BHO\ie_to_edge_stub.exe 2021-10-04 00:04:54 19B82107D6F88FECFCE9BDA4A3041D33 483216 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\BHO\ie_to_edge_stub.exe 2021-10-04 00:04:54 0A54149FBB942C2D5B8B742A972E09B8 100752 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\cookie_exporter.exe 2021-10-04 00:04:54 0A54149FBB942C2D5B8B742A972E09B8 100752 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\cookie_exporter.exe 2021-10-04 00:04:48 57A9E3617E3E4BA3BD980A3DBD93875D 8094632 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\94.0.992.38\MicrosoftEdge_X64_94.0.992.38_94.0.992.31.exe === C: other files == 2021-10-08 09:00:00 CD6937B7D9BEC7D4A61EB5E98CC7B9AE 15666 ----a-w- C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\jyjkh5or.default-release-1627651901596\features\{80272374-ec0c-4684-a117-9d74f4398fa1}\reset-search-defaults@mozilla.com.xpi 2021-10-08 09:00:00 52CC80617272C98CF24BA460B3EFFBBC 13605 ----a-w- C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\jyjkh5or.default-release-1627651901596\features\{80272374-ec0c-4684-a117-9d74f4398fa1}\addons-search-detection@mozilla.com.xpi 2021-10-08 09:00:00 1454F854FA16305330609E30FB57565F 13788 ----a-w- C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\jyjkh5or.default-release-1627651901596\features\{80272374-ec0c-4684-a117-9d74f4398fa1}\proxy-failover@mozilla.com.xpi 2021-10-08 08:51:25 B6C6FFC05B52D2F8A433DD12C3A11D30 434424 ----a-w- C:\Windows\System32\drivers\wd\WdFilter.sys 2021-10-08 08:51:25 9C4361259D5F0D7A36A10BD28D000F90 86264 ----a-w- C:\Windows\System32\drivers\wd\WdNisDrv.sys 2021-10-08 08:51:25 26B890C2237E48DAF8B9B901EBE7A0C1 164072 ----a-w- C:\Windows\System32\drivers\wd\WdDevFlt.sys 2021-10-08 08:51:25 1BF7CF2DBA97C71FF1876F0DE67421C3 48520 ----a-w- C:\Windows\System32\drivers\wd\WdBoot.sys 2021-10-08 08:50:53 10FD9EB8FF40E61BD7F114F34DC9ADB5 35286 ----a-w- C:\Users\filip\AppData\Local\Microsoft\OneDrive\21.180.0905.0007\CollectSyncLogs.bat 2021-10-05 08:16:59 4CD5BDC5658493E547C334C0294C90F1 1555405 ----a-w- C:\Program Files (x86)\ASUS\Update\Download\{079B2A6C-DC82-42E3-94B6-9B36E683D464}\1.3.107.59\9075-2TVNTL-4cd5bdc5658493e547c334c0294c90f1.zip 2021-10-04 00:04:56 FB20A4564050CD49CB839474EB5AC815 270 ----a-w- C:\Program Files (x86)\Microsoft\EdgeCore\94.0.992.38\show_third_party_software_licenses.bat 2021-10-04 00:04:56 FB20A4564050CD49CB839474EB5AC815 270 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\show_third_party_software_licenses.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3401686264-2777813322-2188102425-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Autodesk Desktop App"="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe -tray" "IseUI"="C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe" "Autodesk Genuine Service "="%PROGRAMDATA%\Autodesk\Genuine Service\x64\GenuineService.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "pac"="C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe" "SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasAuto] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasMan] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\ASUS Optimization 36D18D69AFC3" ["C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusHotkeyExec.exe"] "C:\WINDOWS\SysNative\tasks\ASUS Update Checker 2.0" ["C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusUpdateChecker.exe"] "C:\WINDOWS\SysNative\tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474" ["C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3401686264-2777813322-2188102425-1001Core" [C:\Users\filip\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3401686264-2777813322-2188102425-1001UA" [C:\Users\filip\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}" [C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe] "C:\WINDOWS\SysNative\tasks\kpm_tray.exe" [C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe] "C:\WINDOWS\SysNative\tasks\Live Boost Process Governor" [C:\Program Files (x86)\Phoenix360\System Mechanic\x64\LBgovernor.exe] "C:\WINDOWS\SysNative\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\WINDOWS\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"] "C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-3394297406-1171429114-703356068-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-3401686264-2777813322-2188102425-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-3401686264-2777813322-2188102425-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\RtkAudUService64_BG" [""C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7634c653537a72fc\RtkAudUService64.exe""] "C:\WINDOWS\SysNative\tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" [C:\Program Files\COMODO\COMODO Internet Security\cis.exe] "C:\WINDOWS\SysNative\tasks\Agent Activation Runtime\S-1-5-21-3401686264-2777813322-2188102425-1001" [C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe] "C:\WINDOWS\SysNative\tasks\ASUS\AcPowerNotification" [C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe] "C:\WINDOWS\SysNative\tasks\ASUS\ArmourySocketServer" [C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe] "C:\WINDOWS\SysNative\tasks\ASUS\ASUSUpdateTaskMachineCore1d630f3cbc04378" [C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS\ASUSUpdateTaskMachineUA" [C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS\Framework Service" [C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe] "C:\WINDOWS\SysNative\tasks\ASUS\P508PowerAgent_sdk" [C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe] "C:\WINDOWS\SysNative\tasks\McAfee\McAfee OOBE Patch Telemetry" [C:\Program Files\Common Files\McAfee\ModuleCore\DayZeroOOBEFix_64.exe] "C:\WINDOWS\SysNative\tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB" [C:\Program Files\Mozilla Firefox\firefox.exe] "C:\WINDOWS\SysNative\tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" [C:\Program Files\Mozilla Firefox\default-browser-agent.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chromium Look ====================== Comodo Dragon Browser Version: 92.0.4515.159. Google Chrome Version: 94.0.4606.71 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ahkjpbeeocnddjkakilopmfdlnjdpcdm - https://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm[] efaidnbmnnnibpcajpcglclefindmkaj - No path found[] makcojoppodhcgmmchohadhpkicoafka - No path found[] mfhcmdonhekjhfbjmeacdjbhlfgpjabp - No path found[] Comodo Drag&Drop Service - filip\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo Online Security Pro - filip\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp Comodo Dragon Browser Light Theme - filip\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc Comodo Share Page Service - filip\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Slides - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Kaspersky Protection - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm Docs - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Honey - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj Adobe Acrobat - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Sheets - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Safe Torrent Scanner - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\makcojoppodhcgmmchohadhpkicoafka Chrome Web Store Payments - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\94.0.992.38\BHO\ie_to_edge_bho.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe O4 - HKLM\..\Run: [Autodesk Genuine Service ] %PROGRAMDATA%\Autodesk\Genuine Service\x64\GenuineService.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Autodesk Desktop Licensing Service (AdskLicensingService) - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0362957.inf_amd64_47170f5efa6cd04e\B362672\atiesrxx.exe O23 - Service: AMD Log Utility - Unknown owner - C:\WINDOWS\System32\amdlogsr.exe (file missing) O23 - Service: @oem91.inf,%ServiceDisplayName%;Armoury Crate Control Interface (ArmouryCrateControlInterface) - Unknown owner - C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe (file missing) O23 - Service: ARMOURY CRATE Service (ArmouryCrateService) - ASUSTeK COMPUTER INC. - C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe O23 - Service: ASUS Update Service (asus) (asus) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe O23 - Service: ASUS App Service (AsusAppService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\AsusAppService\AsusAppService.exe O23 - Service: ASUS Hook Service (ASUSHookService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Hook\ASUSHookService.exe O23 - Service: ASUS Link Near (ASUSLinkNear) - ASUSTek Computer Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkNear\AsusLinkNear.exe O23 - Service: ASUS Link Remote (ASUSLinkRemote) - ASUSTeK COMPUTER INC.? - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSLinkRemote\AsusLinkRemote.exe O23 - Service: ASUS Update Service (asusm) (asusm) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe O23 - Service: ASUS Optimization (ASUSOptimization) - ASUSTeK COMPUTER INC. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSOptimization\AsusOptimization.exe O23 - Service: ASUS Software Manager (ASUSSoftwareManager) - ASUSTeK COMPUTER INC. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSoftwareManager\AsusSoftwareManager.exe O23 - Service: ASUS System Analysis (ASUSSystemAnalysis) - ASUSTeK COMPUTER INC. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemAnalysis\AsusSystemAnalysis.exe O23 - Service: ASUS System Diagnosis (ASUSSystemDiagnosis) - ASUSTek COMPUTER INC. - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_74be8ed024c977b8\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe O23 - Service: Kaspersky Anti-Virus Service 21.3 (AVP21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: CredentialEnrollmentManagerUserSvc_18f34554 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe O23 - Service: DtsApo4Service - Unknown owner - C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service - Flexera - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\elevation_service.exe O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 21.3 (klvssbridge64_21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe O23 - Service: Kaspersky Password Manager Service (kpm_launch_service) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\LightingService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_df6745aaa4048565\Display.NvContainer\NVDisplay.Container.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: RefreshRateService - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe O23 - Service: ROG Live Service - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe O23 - Service: ROG GamePlus Service (ROGOSDService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ROG GamePlus\ROGOSDService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7634c653537a72fc\RtkAudUService64.exe O23 - Service: @oem58.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Sun 10/10/2021 at 23:09:02.94 ======================