Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by venantius oscity (23-01-2018 11:12:47)
Running from C:\Users\venantius oscity\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-12-03 17:42:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3482208008-4189349312-1346008617-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3482208008-4189349312-1346008617-503 - Limited - Disabled)
Guest (S-1-5-21-3482208008-4189349312-1346008617-501 - Limited - Disabled)
venantius oscity (S-1-5-21-3482208008-4189349312-1346008617-1001 - Administrator - Enabled) => C:\Users\venantius oscity
WDAGUtilityAccount (S-1-5-21-3482208008-4189349312-1346008617-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
COMODO Internet Security Premium (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 10.1.0.6476 - COMODO Security Solutions Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11165 - Realtek Semiconductor Corp.)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.2.0.940 - IObit)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{52753916-613B-4455-8022-A146CC17B1F6}) (Version: 3.2.002.00 - Lenovo)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version:  - )
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3482208008-4189349312-1346008617-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 sk) (HKLM\...\Mozilla Firefox 57.0.4 (x64 sk)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
OpenOffice 4.1.3 (HKLM-x32\...\{03737BB6-0906-43EA-8A11-CD4E2CBCAB2F}) (Version: 4.13.9783 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7738 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0283 - REALTEK Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Skype Web Plugin (HKLM-x32\...\{AC7406B6-BB3B-4CD1-AEBA-0527B9CB16FE}) (Version: 7.27.0.105 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3482208008-4189349312-1346008617-1001_Classes\CLSID\{58743271-597A-401B-AF4A-1450179151C0}\InprocServer32 -> C:\Users\venantius oscity\AppData\Local\SkypePlugin\7.27.0.105\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3482208008-4189349312-1346008617-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\venantius oscity\AppData\Local\SkypePlugin\7.27.0.105\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3482208008-4189349312-1346008617-1001_Classes\CLSID\{D0FC4B60-C60D-4908-8365-0C64C03E0291}\localserver32 -> C:\Users\venantius oscity\AppData\Local\SkypePlugin\7.27.0.105\GatewayVersion-x64.exe (Skype Technologies S.A.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9D0753-936F-4D7F-9F9F-E96410841A1A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {0EB3AFF1-BDA8-4B38-AE3E-E7F75834F4D8} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-01-09] (COMODO)
Task: {19401102-0C3E-4EB4-828F-133B780FF3BD} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {1944C6BB-A240-4DC3-842A-D27E188A6423} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {1C093ABD-8111-460D-8FE2-78FEA252989E} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-09-11] (CyberLink Corp.)
Task: {34360DFD-EB9A-4590-86E6-6BA35032633D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {405DD002-32B6-4FFE-8D39-98E405DB1AAF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c9176a33-251e-47a7-b296-23d95b450a20 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {410969E3-D22B-4D43-8A20-F9CA27E242C6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {43073DE7-AA92-4536-BBA7-408680FBA91E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {490F14D9-286B-4A2B-A3F5-461F4D2AE2E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {4944459A-6617-4F71-A5A8-06A152925DEA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff3df571-c09f-40be-9ed9-b99dae86ede5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {5488F262-EE53-4EC8-8072-4CA9EABD7D9A} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-09-25] ()
Task: {57C2716F-DFA5-4803-90B9-B57D6FB8FEC3} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2015-09-30] (CyberLink Corp.)
Task: {68102D9E-DC9A-48C3-9D50-9AF73A518B5A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-01-09] (COMODO)
Task: {6EA36417-0EFA-4BD1-8506-F6A55A5889B1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ba7e7845-ca62-4f73-9355-794077c64d8a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {7C0BF263-C590-4A09-B771-7F3D9B553E1B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {7C78322A-1F24-460E-BFC5-A3B04DD1A87D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {8BE458F7-B4DE-463B-8D2D-5037CE5A6F4C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {B423B164-7A54-4A82-B954-06154F3FD4CC} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {C302FC73-3C4E-4FFE-B217-A9A64E4612AC} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {C489D9BD-BB63-4700-B09C-62FDC00E48E0} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {C6EF0C77-48AE-4DDC-810E-C96461AF4C67} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-07] (Lenovo)
Task: {CA13307C-BD03-4B7D-87DB-68A7372CA386} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {CDA0479D-3AC9-4F3F-91BC-5D1785B7DDB4} - System32\Tasks\McAfee Cleanup => C:\Users\VENANT~1\AppData\Local\Temp\MCPR\mccleanup.exe <==== ATTENTION
Task: {D1C07DF9-2F1D-4BCA-A007-065654095A3C} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-09-25] ()
Task: {D30388AE-5441-4F57-9367-AC2B5D337A2E} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-01-09] (COMODO)
Task: {DD703545-5FB1-4E89-81D0-E519CBA1984E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\35e9602d-4d10-4c23-bcbd-37d9e76b81ba => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {DD772EFA-ED43-4F28-918F-542690D43B61} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E1277BA9-7AED-4C71-84D4-AB6E9E01C685} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {E350B7CE-64D6-4A94-8C67-C81EC4DB6300} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {F4B5B352-D394-4A16-A7A7-20D4468C4022} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO)
Task: {FC17B1D5-0C5D-4B71-B9BD-2754DF30E19C} - System32\Tasks\Uninstaller_SkipUac_venantius_oscity => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-02-10] (IObit)
Task: {FD4362D2-E71B-486F-8147-C12B9F3D0593} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_venantius_oscity.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-11 20:31 - 2018-01-09 01:17 - 000156584 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2018-01-11 20:31 - 2018-01-09 01:16 - 000106408 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2018-01-11 20:31 - 2018-01-09 01:16 - 000245160 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2015-05-19 17:11 - 2015-05-19 17:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-12-08 08:51 - 2017-09-07 09:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 11:40 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 11:40 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-19 07:30 - 2018-01-19 07:31 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-19 07:30 - 2018-01-19 07:31 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-14 18:39 - 2016-06-21 18:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-08-14 18:39 - 2016-06-21 18:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-08-14 18:39 - 2016-06-21 18:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-05-19 20:33 - 2015-09-30 09:05 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2016-05-19 20:33 - 2015-09-30 09:19 - 000875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2016-05-19 20:33 - 2015-09-30 09:05 - 000053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd
2016-05-19 20:33 - 2015-09-30 09:05 - 000655360 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd
2017-12-07 07:25 - 2017-12-07 07:25 - 000102088 _____ () C:\Users\venantius oscity\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Desktop\hdimg001.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\venantius oscity\Desktop\Photo0667.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\venantius oscity\Desktop\Photo0669.jpg:$CmdZnID [32]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\advanced-systemcare-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\advanced-systemcare-setup.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_sk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_sk.exe:$CmdZnID [29]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\flashplayer24_ka_install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\flashplayer24_ka_install.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\iview444_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\iview444_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\SkypeSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\SkypeSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\STV2-Vínne-cesty-Slovenska-(10).2015-09-22.17-00.mkv:$CmdTcID [64]
AlternateDataStreams: C:\Users\venantius oscity\Downloads\STV2-Vínne-cesty-Slovenska-(10).2015-09-22.17-00.mkv:$CmdZnID [26]
AlternateDataStreams: C:\Users\venantius oscity\Documents\kox_280287_m.jpg:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3482208008-4189349312-1346008617-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKU\S-1-5-21-3482208008-4189349312-1346008617-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{E722C94E-F079-415B-9485-AF3B6D2DC86A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{19DCAA89-A31E-4529-8BAD-5D1D943F078C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3863A14B-9D20-4C0A-8170-671B7DD5D37A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E7563227-0363-40FB-916C-DAF3BAD8CB04}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{FDCD90BD-B98A-4329-B78D-8BA4F141659B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C39EFC5F-7EF0-457B-BF8B-11A32B214F18}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{84211845-EA58-469B-8766-FBDF90B5B500}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35B38353-F486-455A-9EFC-73F039228C03}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

02-01-2018 18:43:03 Scheduled Checkpoint
10-01-2018 02:17:38 Inštalátor modulov systému Windows
10-01-2018 02:19:03 Windows Update
11-01-2018 20:29:58 COMODO Internet Security Binary update
16-01-2018 21:00:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2018 01:06:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/22/2018 07:47:01 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/21/2018 06:49:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/20/2018 08:20:47 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/19/2018 09:35:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-4DJ9R1V5)
Description: Balík Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe+App sa ukončil, pretože jeho odstavenie trvalo príliš dlho.

Error: (01/19/2018 07:27:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/18/2018 02:24:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/17/2018 05:34:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-4DJ9R1V5)
Description: Balík Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe+App sa ukončil, pretože jeho odstavenie trvalo príliš dlho.

Error: (01/17/2018 06:54:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/16/2018 08:25:26 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider CisWmi attempted to register query "SELECT * FROM CisFileRatingChange" whose target class "CisFileRatingChange" in //./root/cis namespace does not exist. The query will be ignored.


System errors:
=============
Error: (01/23/2018 11:07:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/23/2018 10:55:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Windows Defender Antivirus zlyhalo kvôli nasledujúcej chybe: 
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (01/23/2018 10:53:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AppX Deployment Service (AppXSVC) zlyhalo kvôli nasledujúcej chybe: 
The service did not respond to the start or control request in a timely fashion.

Error: (01/23/2018 10:53:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby AppXSvc bol dosiahnutý časový limit (30000 ms).

Error: (01/23/2018 10:52:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/23/2018 10:52:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/23/2018 10:52:36 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (01/23/2018 10:34:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/23/2018 10:25:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/23/2018 10:19:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2018-01-23 11:13:00.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 11:08:26.993
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 11:02:43.060
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 11:02:42.966
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:55:04.578
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:54:40.899
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:53:05.236
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:53:03.412
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:51:28.123
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-01-23 10:51:16.514
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Percentage of memory in use: 47%
Total physical RAM: 4009.14 MB
Available physical RAM: 2114.4 MB
Total Virtual: 4713.14 MB
Available Virtual: 2724.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:419.94 GB) (Free:372.39 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.45 GB) NTFS
Drive f: (PEDRO3) (Removable) (Total:28.89 GB) (Free:25.16 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AD1CBB19)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 0F3499B0)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt ============================