Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by ver.lips (13-09-2018 18:38:33)
Running from C:\Users\ver.lips\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-06-10 11:22:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2580292674-1686849953-1872125729-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2580292674-1686849953-1872125729-503 - Limited - Disabled)
Guest (S-1-5-21-2580292674-1686849953-1872125729-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2580292674-1686849953-1872125729-1003 - Limited - Enabled)
postgres (S-1-5-21-2580292674-1686849953-1872125729-1004 - Limited - Enabled) => C:\Users\postgres
ver.lips (S-1-5-21-2580292674-1686849953-1872125729-1001 - Administrator - Enabled) => C:\Users\ver.lips
WDAGUtilityAccount (S-1-5-21-2580292674-1686849953-1872125729-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Avira (HKLM-x32\...\{0C16993B-1BAF-489D-8BF7-8D38B1E113BB}) (Version: 1.2.115.14232 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{b883705a-0784-4d1e-9766-601e8d66945a}) (Version: 1.2.115.14232 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{FC75CF0A-54F5-4599-8169-AB1E443A0951}) (Version: 2.0.6.1378 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3606 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3418 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3618 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{80E88C5A-E96C-4842-81EC-756AD3D4C9C8}) (Version: 1.3.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.6.18.11 - HP)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.9.18.3 - HP)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3366 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{FEE09763-508F-4C10-8D7F-C224D006B662}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.14 - Intel Corporation)
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Mediatek Bluetooth (HKLM\...\{16BCAEDC-C115-1729-07C4-7A0091C699A6}) (Version: 11.0.749.0 - Mediatek)
Mi PC Suite (HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2275 - Microsoft Corporation)
Microsoft Office 365 ProPlus - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.9126.2275 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2275 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.23.16038 - pdfforge GmbH)
PostgreSQL 9.5  (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21244 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7154 - Realtek Semiconductor Corp.)
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (Cyberlink)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-09-13] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-09-13] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {052FAE6B-8A45-4378-88FA-0A3B878D2292} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0C810EC7-70C7-4DDD-B2CF-F94F0F2F80FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {0DEA3E36-52C6-4E13-9E94-B3DC18A1E5BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {1BE07023-C3D2-4C67-BAC0-F7E21C0782FD} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {341BBC69-5CA1-4A5B-897F-3E54156BA044} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-01] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3FD89018-3C65-47AA-BE04-67C1D19B61EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-04] (Google Inc.)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {45243784-5394-44E3-AD18-F8C296EE724F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-04-25] (HP Inc.)
Task: {47152881-B7D1-4B6D-AF42-FFAC5B216FD9} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-21] ()
Task: {4D4E8AA9-5B37-4CA5-B850-8BFBBC97F808} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {52F65DE6-A546-48EA-89BF-1C8E2718DC3C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
Task: {534D344F-534E-49BD-96E5-C051146003A7} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {58170B57-E562-44A1-899C-8EFBEC20D210} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-07] (Microsoft Corporation)
Task: {5E445538-DAFC-4BFD-9614-1B0CF0452992} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {74DB0AC4-2FBB-43A0-8142-8DC1694A79B1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79D9B15C-98ED-4B10-976D-1736899F28AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {873EB2C9-6A05-4E47-BF5A-C5632C6C7BA0} - System32\Tasks\GoogleUpdateTaskMachineCore1d0c00165d58af9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-04] (Google Inc.)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {9598CEB0-DF92-4CAB-81F2-DD0B11ACAD43} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-01] (Microsoft Corporation)
Task: {9B44601E-CD81-4704-B677-4701859727F3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-20] (Adobe Systems Incorporated)
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {AF9E6EDF-E12A-41CA-AD7F-1A914E830DCA} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2013-12-18] (CyberLink Corp.)
Task: {B567CF8D-208C-4928-8CED-9A8D28E1C6DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {C1C5DB0D-E99C-4B9D-8A58-0BD231505929} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-10] (Microsoft Corporation)
Task: {C9C24D57-5EBA-4481-ACC7-5533BB8D222E} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2018-09-13] (Avira Operations GmbH & Co. KG)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D40F31C2-A4E1-40F5-860F-61B7CB4E0B3C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D47645AE-A041-40E7-B9A1-4994F670CBEE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-01] (Microsoft Corporation)
Task: {DCDED5B6-AB73-48D9-84CA-4E6D0AE8F725} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {E0B0C07C-5BCB-4676-8677-432AEBB219AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {E6A0FAAE-E267-42C2-A004-AC956458E937} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {E75C7CD9-D84B-4D7A-956A-24E2EEAE0F01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-20] (Adobe Systems Incorporated)
Task: {EC9CA403-FCB9-4F5A-9723-FD12236E0130} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-01] (Microsoft Corporation)
Task: {F125125D-B24F-4064-8655-6017960B3E69} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-01] (Microsoft Corporation)
Task: {F8620886-AB1B-424D-936C-30F1D758BB66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-04] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-10-14 12:25 - 2013-10-14 12:25 - 002541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-10-14 12:22 - 2013-10-14 12:22 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-10-14 12:35 - 2013-10-14 12:35 - 000306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-10-14 12:35 - 2013-10-14 12:35 - 001297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-10-14 12:23 - 2013-10-14 12:23 - 000109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-10-14 12:24 - 2013-10-14 12:24 - 000627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-12 12:51 - 2016-08-09 07:13 - 000183296 _____ () C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2018-02-12 12:53 - 2016-07-27 10:08 - 002264576 _____ () C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-01 04:01 - 2018-06-15 19:30 - 001308672 _____ () c:\windows\system32\FaceProcessor.dll
2018-09-01 03:59 - 2018-06-15 19:55 - 000542888 _____ () c:\windows\system32\FaceProcessorCore.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 001348664 _____ () c:\windows\system32\FaceTrackerInternal.dll
2013-10-14 12:30 - 2013-10-14 12:30 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2017-12-14 23:40 - 2017-12-14 23:40 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-03-27 17:38 - 2018-03-27 17:38 - 002426040 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-03-27 17:38 - 2018-03-27 17:38 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-12-05 19:41 - 2017-12-05 19:41 - 000843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.17112.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-03-16 21:53 - 2018-03-16 21:54 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 004644864 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2018-05-22 13:12 - 2018-05-22 13:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-22 13:12 - 2018-05-22 13:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-22 13:12 - 2018-05-22 13:16 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-22 13:12 - 2018-05-22 13:16 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-22 13:12 - 2018-05-22 13:16 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-04-16 19:44 - 2018-04-16 19:45 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-07-06 22:09 - 2018-07-06 22:09 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-06 22:09 - 2018-07-06 22:09 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-06 22:09 - 2018-07-06 22:09 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-04 17:21 - 2017-10-04 17:26 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-06 22:09 - 2018-07-06 22:09 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2016-09-04 21:43 - 2016-09-04 21:43 - 000157624 ____N () C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
2018-09-01 04:00 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-14 20:02 - 2018-06-08 11:31 - 003912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-06-14 20:02 - 2018-06-08 11:31 - 002506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2014-07-12 18:09 - 2013-08-05 09:49 - 000627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 000016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-09-04 21:43 - 2016-09-04 21:43 - 000065976 ____N () C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\MiFramework.dll
2016-09-04 21:43 - 2016-09-04 21:43 - 000136632 ____N () C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\MiPlugin4NSIS.dll
2016-09-04 21:43 - 2016-09-04 21:43 - 000099600 ____N () C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\zlib1.dll
2016-09-04 21:43 - 2016-09-04 21:43 - 000018360 ____N () C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\MiTrace.dll
2018-09-13 18:14 - 2018-09-13 18:07 - 000243352 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\ssl-44.dll
2018-09-13 18:14 - 2018-09-13 18:07 - 001204472 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\crypto-42.dll
2014-07-12 18:06 - 2011-08-24 04:39 - 000081920 _____ () C:\Program Files (x86)\CyberLink\YouCam\koan\_ctypes.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\sharepoint.com -> hxxps://vse-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-03-08 19:07 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ver.lips\Desktop\IMG_1832.jpg
HKU\S-1-5-21-2580292674-1686849953-1872125729-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{3EEBE6F3-C97B-41B8-80F9-331C67B88171}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Block) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [TCP Query User{974D4620-85B5-489C-8540-6131DE16DB34}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Block) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{0C17BDA6-83B0-4CAF-A20D-299B934ABD14}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{84F20B51-2B18-4C5D-A779-5B3A8C4DA4B1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{902847E6-EB86-4EF3-AB90-345E6F2E39B3}] => (Allow) LPort=1900
FirewallRules: [{2BEB95D3-EAE4-419E-802D-B87685A38F49}] => (Allow) LPort=2869
FirewallRules: [{658A5C08-0097-4AAC-903F-93734AB5CADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{6C1F6A45-E4AC-41A0-95DE-CD34E12ECB7E}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [TCP Query User{A7EC3217-6BD8-4252-A862-2A2117D2C6EE}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [UDP Query User{FC58C34B-16C1-47FF-98F5-C6507FF52C12}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{CC787CBC-B08A-470E-8E8A-3FC7920E42C8}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{A01FCA15-9A87-4C11-B65B-22F0CE523833}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{68BC5F0E-4C62-47F5-9CF3-11602EED2673}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{21682824-6667-4030-B788-FB67119847BF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
FirewallRules: [{FD2906C1-718A-4E8B-910A-654E338C12ED}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{AD57F7BE-9EE6-4AB3-802D-9F5612BFF032}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{78F579C9-83F0-4DB1-9F46-44E795DF7C52}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{A07478CB-C513-42FA-BED5-B22FC93ACADE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{A57D5EEC-D6FC-44A5-8A30-2B08AC97BBA6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe
FirewallRules: [{479751EC-13E1-4737-BECB-0BC4EB9B5243}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{092EC2A6-195F-4F36-966D-16C250536F26}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [UDP Query User{D703EB05-12A7-4A13-BFFC-DE85F8CC54F6}C:\users\ver.lips\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ver.lips\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B3283417-F08F-4979-8C2D-D59774F12808}C:\users\ver.lips\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ver.lips\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D325927D-C537-4503-80C9-461E4C7642DD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{38A80A21-4327-4CF1-AFA7-4B1E3E59F0D9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{295C0F63-5711-4DCF-A02C-9E6F6567235F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D1D0ECC7-C729-43C5-8F3E-53819A0A7273}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{19B488E7-46B4-46D3-B834-FD0A4973CF89}C:\users\ver.lips\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ver.lips\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D2A42905-8EA1-46F0-B104-331BE996DE52}C:\users\ver.lips\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ver.lips\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1324397B-F9C3-4BEC-8A10-34FB73B5C841}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{14A1D292-F50A-4B94-B807-7BA3B6306BCA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{975524D7-29D1-4060-8CCC-8D7DE7D8E0DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CAE71038-25AF-49C7-89E8-465D6AAFA534}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E0ABE381-F228-444D-98D7-3E8FDA637309}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{724D6411-7BF2-42A4-926B-37822FA754A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{352ED490-8BF3-4FD9-A7C2-61258A250B93}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B659442D-EC77-4CC1-857F-A5F223437ED9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F74999B7-D5E7-4436-8D1D-CC75AC362F60}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{C59C1315-3A40-4424-A5D0-521ED47D6E9E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{71F13F59-64D5-482E-95BA-613C367782C3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3C4A9D90-DA52-4C2B-B6D6-5B71E6EAAFB7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2841A26B-375F-4ED2-A672-EB813EB443E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF0251F5-A5BB-46AB-B75B-B741EC3E8098}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2F5F336-F538-4431-B41F-77F1E3C191DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DFD4F588-9D10-4666-BED1-85FC23538EB6}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{71A2AB7F-2271-4DC9-918B-402B467EE076}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{D6590795-1CCE-4D67-87E7-F02A942BA0CB}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D81EF313-D2FF-491F-A32C-2C7F9594ED33}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{BBE87224-193A-46F3-8FB0-9E38D9E9D75A}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{38BD848D-E0FC-46C7-9A31-56A16B822803}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{7AA90C15-B3AD-4CA2-8436-24261C32F98F}] => (Allow) C:\Users\ver.lips\AppData\Local\MiPhoneManager\main\MiPCSuite.exe
FirewallRules: [{8CFDB8A0-E3CC-4D90-AF48-406B6AC5EBEA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4F548C20-7A9E-4A3C-A0FB-11BA0F373026}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{B325521D-7DB3-4ECF-9E83-320DF9C16492}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{1BD19058-F4BE-4733-93D8-529348154EAD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{075627BD-F955-4DF1-8EE4-31F21A3DB1A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{112B0616-FAA4-4148-84BE-6ED9ED016D04}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{4B64DACE-1AD5-43DD-8771-3031B00EE577}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{D829E45A-CEBF-4585-92D7-19C5F40B752B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

==================== Restore Points =========================

10-06-2018 15:27:55 Windows Update
14-06-2018 19:59:24 Windows Update
01-09-2018 03:54:51 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2018 05:57:00 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (09/13/2018 05:57:00 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (09/13/2018 05:57:00 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (09/13/2018 05:57:00 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (09/01/2018 04:28:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2018.18041.15910.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2608

Čas spuštění: 01d44191557f8946

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15911.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: af7b0ab2-28de-4977-9af0-c8acf5c1dcd9

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2018.18041.15911.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (09/01/2018 04:21:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ipmgui.exe verze 15.0.36.198 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2db0

Čas spuštění: 01d4419149f0c8c8

Čas ukončení: 203

Cesta k aplikaci: C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe

ID hlášení: a116255c-db26-4c6c-b286-92b5b9ef6b22

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (09/01/2018 02:55:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17134.1, časové razítko: 0xcb43d9c5
Název chybujícího modulu: biwinrt.dll, verze: 10.0.17134.1, časové razítko: 0x695175ab
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000000e5b7
ID chybujícího procesu: 0x25bc
Čas spuštění chybující aplikace: 0x01d4418e110f9f80
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\biwinrt.dll
ID zprávy: 0029da63-2579-4176-9b97-5aeb0084648b
Úplný název chybujícího balíčku: 134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee
ID aplikace související s chybujícím balíčkem: Box

Error: (09/01/2018 02:36:31 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: Časový limit pro čekání na start serveru vypršel


System errors:
=============
Error: (09/13/2018 06:14:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/13/2018 06:07:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/13/2018 06:05:21 PM) (Source: DCOM) (EventID: 10001) (User: V)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca jako Není k dispozici/Není k dispozici. Došlo k chybě: 
0
při provádění příkazu: 
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca

Error: (09/13/2018 06:05:21 PM) (Source: DCOM) (EventID: 10001) (User: V)
Description: Nelze spustit server DCOM: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca jako Není k dispozici/Není k dispozici. Došlo k chybě: 
0
při provádění příkazu: 
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca

Error: (09/13/2018 06:01:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscBrokerManager
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/13/2018 06:00:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/13/2018 06:00:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (09/13/2018 06:00:03 PM) (Source: DCOM) (EventID: 10001) (User: V)
Description: Nelze spustit server DCOM: Microsoft.People_10.1805.1361.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXk8n013897y2z89d7v08qtryawtj0p3jg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě: 
298
při provádění příkazu: 
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca


Windows Defender:
===================================
Date: 2018-09-01 04:53:34.757
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80004004
Popis chyby: Operace přerušena 
Verze podpisu: 1.263.48.0;1.263.48.0
Verze modulu: 1.1.14600.4

Date: 2018-06-14 22:20:47.236
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240017
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2018-06-14 22:14:43.356
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic. 

Date: 2018-06-14 22:14:43.355
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.263.48.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic. 

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 78%
Total physical RAM: 3986.95 MB
Available physical RAM: 869.42 MB
Total Virtual: 6418.95 MB
Available Virtual: 2847.02 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:447.38 GB) (Free:76.63 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.54 GB) (Free:1.68 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{eb1ef1df-1d2b-486e-8cca-a997c4a0fecf}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.1 GB) NTFS
\\?\Volume{fbe23262-7fc9-4b52-b82a-e606ff602c17}\ () (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS
\\?\Volume{f1af5f38-3fdd-410a-8b94-563edd5ea151}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5A4D92F9)

Partition: GPT.

==================== End of Addition.txt ============================